IT Auditor - Audit

About KPMG International

KPMG is a global organization of independent professional services firms providing Audit, Tax, and Advisory services. KPMG is the brand under which the member firms of KPMG International Limited (“KPMG International”) operate and provide professional services. “KPMG” is used to refer to individual member firms within the KPMG organization or to one or more member firms collectively.

KPMG firms operate in 145 countries and territories with more than 236,000 partners and employees working in member firms around the world. Each KPMG firm is a legally distinct and separate entity and describes itself as such. Each KPMG member firm is responsible for its own obligations and liabilities.

KPMG International Limited is a private English company limited by guarantee. KPMG International Limited and its related entities do not provide services to clients.

For more detail about our structure please visit: https://home.kpmg/xx/en/home/misc/governance.html

Roles & Responsibilities

• Perform testing of IT Application Controls/ITAC/Automated controls, IPE, and Interface Controls through code reviews, IT General Controls/ITGC/GITC review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery.
• Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix.
• Perform business process walkthrough and controls testing for IT Audits.
• Performing planning and executing audits, including - SOX, Internal Audits, External Audits.
• Conducting controls assessment in manual/ automated environment.
• Prepare/Review of Policies, Procedures, SOPs.
• Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.
• Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed.
• Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project’s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables.
• Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.

Qualifications

• CA/ACCA/MBA with minimum 3-year IT Audit experience.
• Prior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) in IFC and PCAOB clients.
• Good to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.)
• Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodology.
• Exposure to Risk Management and Governance Frameworks/ Systems will be an added advantage.
• Exposure to ERP systems will be added advantage.
• Strong project management, communication (written and verbal) and presentation skills.
• Knowledge of security measures and auditing practices within various applications, operating systems, and databases.
• Strong self-driven work, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism.
• Certifications preferred – CISA/CISSP//CISM.
• Exposure to automation Data Analytics tools such as Alteryx, ACL & Power BI will be an advantage.
• Proficiency with Microsoft Word, Excel and other MS Office tools.
• Industry experience in – Telecom, Banking, and petrochemical.