This is for our Indian global telecommunications services
company based in New Delhi, India. It operates in more than 20 countries across
the globe
Job Description
Job Title: Internal Audit
Job Level: B
Function: Risk
Location : Gurgaon
Reporting to: Audit Head
Purpose of the Job
The incumbent will be responsible for conducting Information
security audit for the bank.
Job Description
·
To carry out IS Audit planning using the Risk
Based Audit Approach. The approach would involve aspects like IT risk
assessment methodology, defining the IS Audit Universe, scoping and planning
the audit, execution and follow up activities.
·
To ensure IS Audit Plan (either separately or as
part of the overall internal audit plan) be a formal document, duly approved by
the Audit Committee initially and during any subsequent major changes. The
Audit plan to be prepared in compliance with appropriate external
regulatory/legal requirements, in addition to well-known IS Auditing Standards.
·
Would be responsible for follow up and closure
on ATR
·
To implement IS Audit policy/charter subjected
to an annual review/approval to ensure its continued relevance and effectiveness.
·
To build the IS Audit Universe around various IT
people and processes like application systems, information or data,
infrastructure (technology and facilities like hardware, operating systems,
database management systems, networking, etc., and the environment that houses
and supports them that enable the processing of the applications) and people
(internal or outsourced personnel required to plan, organize, acquire,
implement, support, monitor and evaluate the information systems and services).
·
To finalize annual IS Audit Plan and strategy
which is prepared based on the scoping document and risk assessment.
·
To report on the status of planned versus actual
IS audits, and any changes to the annual IS audit plan (to be presented
periodically to the Audit Committee and Senior management)
To cover IT governance, information security
governance related aspects, critical IT general controls like data center
controls and processes and critical business applications/systems having
financial/compliance implications including MIS and regulatory reporting
systems and customer access points (like delivery channels)