GM Internal Audit IT & Cyber Security
K-Electric
- Karachi, Sindh
- Permanent
- Full-time
- ISO/IEC & BCI standard specifications for IT security, system, governance, total quality & process documentation
- IIA, IPPF & ISACA framework and GTAG
- Project managementExperience8-10 years of experience in power utility with at least 3-4 years' experience as senior managerCompetenciesOverhead Transmission Maintenance_MGR-GMSafety Awareness_MGR-GMPlant Maintenance and Operations_MGR-GMData Analytics and Reporting_MGR-GMIndustry Principles and Concepts_MGR-GMSupply Chain Management_MGR-GMProject Management_MGR-GMMental Agility_MGR-GMEnergy Management_MGR-GMInternal Audit Techniques_MGR-GMDrives Results_MGR-GMSAP Management_MGR-GMDrives Change_MGR-GMFinancial Acumen_MGR-GMBuilding High Performance Teams_MGR-GMTroubleshooting_MGR-GMBusiness Acumen_MGR-GMTechnical Writing_MGR-GMRisk Assessment and Management_MGR-GMQuality Control and Continuous Improvement_MGR-GMSelf Awareness_MGR-GMCloud Computing_MGR-GMPower Stability and Reliability_MGR-GMProcess Safety Management_MGR-GMStakeholder Management_MGR-GMArea of Responsibilities1 Planning and Risk Assessment (15%)
- Assists in developing IT Audit annual plans and works to determine directions and order of audit assurance and consulting exercises for the year; Defines Audit Universe, proposes timely revisions in the universe following organizational changes; Introduces new technology, automation and or retiring of a IT solution
- Updates audit universe from the perspective of ensuring completeness of auditable entities
- Assess information's and operational risks of auditable entities based on risk assessment model
- Conducts meetings with department / section heads, finalize risk assessment and obtain knowledge of future business plans for its coverage in the planning process
- Prepares a draft Annual IT & Power Generation audit plan and submit the same to the line for review, discussion and onwards finalization with the CIA
- Prepares IT software & hardware related budgetary requirement for Audit Department
- Supervises in the development and updating of internal IT audit service edict and engages as a contributor for the same on improving the IA manual
2 Supervision and review of Audit Execution (35%)
- Determines the scope of audit and reviews the adequacy of audit objectives; Ensures coverage of all key business processes associated to the entity being audited
- Finalizes initial and final risk assessment for the organization processes; Reviews the appropriateness of audit procedures in audit program and ensures complete population is captured
- Evaluates the execution of work by teams and assures that it is in accordance with planned objectives and audit program
- Coordinates with auditee management in case of delays in providing access to IT production systems/solutions and or process documents including but not limited to policy, mandate, business blue-print, standard operating procedures
- Ensures CAATT (computer assisted audit tools techniques) are utilized to their potential and job is timely and completely recorded in the audit management solution
- Determines the root causes of control gaps and identify areas where process re-engineering is required and Deliberate viable solutions with auditee management for process improvement
- Reviews the risk ratings of audit observations based on the Risk Rating MethodologyArea of Responsibility Continued3 Reporting and Follow-up (20%)
- Reviews draft audit reports submitted by Manager / DGM containing observations, risk rating, recommendation
- Conducts meetings with section head / department head to discuss the audit observations and suggest practical measure to mitigate risks and implement controls
- Shares the audit report with section head / department head and obtain management comments and action plans to address the control gaps identified
- Prepares summary reports, presentations & dashboard projections for discussion with executive management
- Prepares ITAC reports, Minutes of Meetings and actions items of prior meetings
- Conducts follow up reviews on implementation of action-items agreed in IA reports and ITAC meetings
- Assists Head IT & Generation Audit on draft IA report review; performs data validation and verification. Engages & coordinates with user department for management reviews and ensure completeness in terms with execution responsibility and timeline
- Provides insight on new standards, guidelines, technologies and tools to better manage audit, consulting engagements & presentations
4 Consulting Activities (10%)
- Reviews relevant documentation shared by cross functional teams and or departments from perspective of establishing adequate internal controls
- Provides an independent view during implementation of new projects, processes and systems to ensure their quality and compliance with Company's policies and procedures
5 Administrative Activities (10%)
- Assists in calculating annual cost allocation for department positions and budget IT systems/licenses
- Manages system requirements for CAATT, audit management and audit intelligence solutions.
- Engages in ITG planning, sizing of infrastructure and procurement function; Supervises data backup and recovery routine in coordination with the vendor and ITG
6 People Management (10%)
- Identifies & plan training requirements for IA and coordinate with HR Learning & Organizational Development; impact resource performance management; Manage people development, career planning and engagement function
- Handle administrative issues including recruitment, leaves, grievances and other issues; Provides guidance to the direct reports as and when required
- Creates team-spirit and ensures seamless interaction among team members; Ensures parity among subordinates with regards to learning and growth opportunities
- Creates a conducive working environment to build and sustain an engaged and committed team