This is for our Indian global telecommunications services company based in New Delhi, India. It operates in more than 20 countries across the globe
Job Title: Internal Audit Job Level: B
Location : Gurgaon
Reporting to: Audit Head
Purpose of the Job
The incumbent will be responsible for conducting Information security audit for the bank.
· To carry out IS Audit planning using the Risk Based Audit Approach. The approach would involve aspects like IT risk assessment methodology, defining the IS Audit Universe, scoping and planning the audit, execution and follow up activities.
To ensure IS Audit Plan (either separately or as
part of the overall internal audit plan) be a formal document, duly approved by
the Audit Committee initially and during any subsequent major changes. The
Audit plan to be prepared in compliance with appropriate external
regulatory/legal requirements, in addition to well-known IS Auditing Standards.
Would be responsible for follow up and closure
To implement IS Audit policy/charter subjected
to an annual review/approval to ensure its continued relevance and effectiveness.
To build the IS Audit Universe around various IT
people and processes like application systems, information or data,
infrastructure (technology and facilities like hardware, operating systems,
database management systems, networking, etc., and the environment that houses
and supports them that enable the processing of the applications) and people
(internal or outsourced personnel required to plan, organize, acquire,
implement, support, monitor and evaluate the information systems and services).
To finalize annual IS Audit Plan and strategy
which is prepared based on the scoping document and risk assessment.
To report on the status of planned versus actual
IS audits, and any changes to the annual IS audit plan (to be presented
periodically to the Audit Committee and Senior management)
To cover IT governance, information security
governance related aspects, critical IT general controls like data center
controls and processes and critical business applications/systems having
financial/compliance implications including MIS and regulatory reporting
systems and customer access points (like delivery channels)