IT Audit Assistant Manager - Governance, Risk & Compliance

Job content

The role
Four experienced members of the national Tech Risk team recently integrated into the GRCS NM Internal Audit team to form a dedicated ITIA GRCS team. This service currently has the following four key propositions for our clients:

• Evaluation of controls over technology through Internal Audit.
• The strategic use of technology as an enabler in the Internal Audit.
• The identification and evaluation of technology related risks.
• Audit of IT and change programmes.

These clients need to deal effectively with their operational risks, to achieve maximum value from their technology, data and processes and our ITIA team provide independent, jargon-free advice to help them achieve this potential.
As an Assistant Manager in the IT GRCS team there will be opportunities to work on a variety of engagements covering the spectrum of services that we provide including:

• Reviewing and establishing internal audit functions from a technology perspective
• Assurance mapping with technology lens – IT controls health checks and IT risk universe
• Creating annual audit plans for clients including IT audits and tech approaches to non-IT audits
• Providing technology internal audit services on both outsourced and co-sourced contractual basis
• Delivering individual and/or a programme of IT internal audit projects which includes planning, review, quality assurance and reporting
• Working with client’s in-house internal audit function to supply IT specialist or additional IT IA resource needed
• IT Process improvement projects
• Risk management, governance and internal audit advisory services
• Tech Risk identification workshops and IT control reviews
• Delivering IT control and tech risk training
• Delivering ITGC internal control questionnaires
• Delivering IT and Technology Corporate governance reviews
• Delivering Contract compliance audits with technology focus
• Delivering engagements to assess the effectiveness of IT internal audit functions
• Working with members of other KPMG advisory teams
• Secondments to clients to assist with IT specific projects
• Delivering specific IT advisory projects
• Supporting business development initiatives as well as the completion of tenders

Responsibilities

• Assisting management to retain responsibility for a UK-wide portfolio of clients, maintaining relationships with senior KPMG and client staff and is responsible for the financial performance and delivery of these accounts
• Demonstrating a detailed understanding of how current and emerging legal, regulatory, governance, risk management, auditing, accounting and financial reporting standards affect their clients
• Understanding and assisting managers to undertake KPMG’s internal risk management and client engagement management procedures including client acceptance, continuance and engagement procedures
• Design controls to meet leading practice Internal Controls over Financial Reporting (ICOFR) principles
• Plan and execute the day-to-day activities to deliver testing as part of internal audit and ICOFR assessments, including leading tests of design and test of operating effectiveness of controls.
• Keeping up to date with all IT industry specific issues and circumstances which affect your clients
• Developing IT internal audit strategies which address all internal audit, client service and project management issues, in accordance with the KPMG internal audit methodology
• Delivering against those IT audit strategies
• Recognising where specialists are required and involving other KPMG staff, managing their input to the client
• Reviewing the audit evidence obtained ensuring it is sufficient and in line with IIA Standards and KPMG methodology
• Conducting meetings with clients to explain IT internal audit findings and drafting and reviewing reports
• Reporting to partners/directors all salient points arising from assignments
• Assisting management to produce quarterly Audit Committee papers
• Assisting management to set budgets for engagements and monitoring delivery against the budget
• Ensuring work in progress is monitored and controlled with fees being raised promptly
• Identifying and exploiting additional fee billing possibilities
• Planning and allocating staff resources to fulfil business requirements
• Setting objectives with the team, and providing support and feeding back on performance
• Providing coaching and training to KPMG staff on risk management and IT internal audit methodology
• Identifying and developing new opportunities for KPMG to work with clients and targets
• Writing tender documents and presenting at proposals.
• Assisting partners in general business development.
• Event management – Assisting with the organisation of internal events for clients (e.g. internal audit breakfast sessions)
• Overseeing the preparation and dissemination of monthly thought leadership updates for clients

Qualifications / Skills / Experience:
We expect that you will have:

• Proven experience in a technology risk and control / audit environment within professional services or an internal audit / risk function.
• Direct experience of SOx scoping, risk and readiness assessments, implementation and/or testing activities.
• Excellent communication skills and report writing skills.
• Ability to develop excellent relationships both internally and with clients.
• Capacity to deliver work within tight timescales to a high quality.
• Undergraduate Degree, ideally, in technology, business, or related field.

It would also be useful (but not a deal-breaker) if you have:

• Experience of business analysis and core business processes, for example, transaction processing, system development ledger systems.
• Experience within the corporate sector(s) and knowledge of systems and processes used within them.
• Ability to identify and assess complex IT risks and controls, to relate them to the wider business environment and to express opinions clearly at all levels.
• A good understanding of technology platforms.
• Recognised Technology Assurance auditing (e.g. CISA, CIMA) qualification, or working towards this qualification.