Job Purpose: Conducts, plans and executes internal audits to evaluate the adequacy and effectiveness of internal controls, accuracy of information reported and compliance with policies and procedures.
Provide I.T. auditing subject matter expertise for the Internal Audit Department in order to ensure that:
– QG information systems and technology are properly audited; and
– QG Internal Audit Department makes appropriate use of available technology.
– Plans audits by analyzing business processes and preparing risk assessments to determine the controls to be tested. Defines the audit scope, objectives and audit program steps in order to test the system of controls and obtains approval for the plan from the Head and/or CIA. Formulates and agrees audit plans, scope and objectives with auditees.
– Detailed planning and execution of I.T. audits.
– Conducts audit fieldwork by coordinating audits teams and testing controls and compliance with policies, procedures and agreed practices.
– Prepares internal audit reports, audit plans, progress reports, and early reports on potential significant findings.
– Conducts follow-up of prior audit observations to ensure agreed actions are implemented by the Auditee.
– Trains and develops Auditors “on the job” regarding IAD standards, audit process, company business and processes, observation and report writing, in order to ensure continuous development of IAD talent pool.
– Conducts special reviews under supervision of Head or Audit Specialist as requested by CIA in order to address specific concerns of senior management.
– Support other audits by providing subject matter expertise on I.T. controls.
– Support Internal Audit Department in selection, use and maintenance of technology.
– Lead and conduct other non-I.T. audits as required.
– Bachelor’s degree in Accounting/ Business Administration/ Engineering and relevant post-graduate / professional qualifications, e.g. in I.T. / Computing MSc, Certified Internal Auditor, Certified Information Systems Auditor.
– Minimum 8 years experience in relevant role, i.e. I.T. Audit, I.T. Security preferably in the Oil & Gas / Petrochemical industry in internal audit/compliance/risk management or inspections or testing roles.
– Expertise in I.T. security and auditing standards (e.g. ISACA); ERP (preferably SAP); and I.T. auditing tools, e.g. ACL, or similar CAATs tools and TeamMate or similar audit management software.
– Basic knowledge of industrial control systems, network security, SCADA, application control.
– Good knowledge of the Oil & Gas/LNG business, specifically key processes, key risks, and key controls.
– Good awareness of corporate governance and risk management processes.
– Strong knowledge of Institute of Internal Audit professional standards and auditing processes.
– Able to maintain good judgment, manage conflict, lead and influence objectively with tact and persuasion.
– Computer literacy with ability to use word-processing, spreadsheets, databases and graphics applications.