Location: Yerevan, Armenia
Category: information technology
Type: Full Time
Deadline: 15-Mar-20 12:00:00 AM
Salary:
Description
Responsibilities
Work to perform includes, but is not limited to:
- Involvement in financial audits as Information Risk Management Specialist for performing IT and Application control testing, specifically: Entity level control testing:
- Control environment: IT organizational structure and reporting lines, IT strategy and budget, IT staff development
- Responsible for entity-wide risk assessment process: Management's process for identifying IT risks relevant to financial reporting
- Responsible for information systems relevant to financial reporting and communication: Identification of significant IT applications that are related to financial reporting; identification of major IT projects for the current year and the year ahead; evaluation of functional description of key IT applications and system overview diagram outlining key data flows
- Responsible for monitoring: IT monitoring activities (e.g. self-assessment processes and IT internal audit function), performance appraisal, IT budget and cost analysis
- Assess the IT organization and management controls in place to manage the implemented general IT controls;
- Inspect IT policies and procedures
- Assess processes for verifying compliance with established general IT controls GITC:
- Test 'Access to Program and Data' controls
- Test 'Program Change' controls
- Test 'Program Development' controls
- Test 'Computer Operations' controls Application level controls:
- Identify application controls and performing procedures for the test of design and operating effectiveness of all these controls.
RequiredQualifications
- Master's degree in Computer Science, Computer Engineering, Information Systems, IT audit, Business Administration or a related discipline
- At least 2 years of experience in internal or external IT audit, IT risk and compliance, business process, or compliance audit
- Good knowledge of English and Russian languages
- Possession of one or several certifications among the following CISSP, CISA, CISM, CRISC, ISO 27001 Lead Auditor, ITIL Foundation is a plus
- Good knowledge of security, IT risk management and privacy related standards, regulation, e.g. ISO 27001, COBIT, GDPR
- Ability to evaluate General IT and IS Controls
- Ability to evaluate processes and controls over the Business operations and Systems
Benefits
Job URL: iJob.am - Information Risk Specialist in Audit Department @ KPMG Armenia CJSC
No comments:
Post a Comment