Vice President - Information Systems Audit - CISA

Job Profile

The candidate should be a proven IS auditor and risk professional who will help develop and drive a clearly defined IS audit strategy with complete responsibility for the function.

S/he will be responsible for Planning and executing the IS audits, review the efficiency & effectiveness of information systems and ensure compliance in coordination with stakeholders under ambit of Bank' internal policies, regulator guidelines & Industry' best practices.

Job Title - VP - Information Systems Audit

Reporting to Head Internal Audit

Location: Mumbai

Primary Job Duties/Responsibilities:

The key job duties/responsibilities are enumerated below:

- Define the audit universe and conduct the risk assessment of the audit universe for the entity based on the regulatory guidelines and industry best practices.

- Plan and execute the IS audits, review the efficiency & effectiveness of information systems and ensure compliance in coordination with stakeholders under ambit of Bank' internal policies, regulator guidelines & Industry' best practices.

- Perform general and application control reviews from simple to complex IT systems, system development standards, operating procedures, system security, programming controls, communication controls, backup, disaster recovery and system maintenance, etc.

- Accurately interpret audit results against defined criteria and prepare high quality summary of findings, recommendations, systemic improvements, audit finding memoranda and working papers to ensure that adequate documentation exists to support the completed audit and conclusions.

- Follow up on audit findings to ensure that Auditee has taken corrective action(s) within time bound manner as per Bank' defined Policy.

- Responsible for staying current on regulatory requirements and technological changes and maintain currency of knowledge with respect to relevant state-of-the-art technology, equipment, and/or systems.

- Perform review of internal control procedures and security for systems under development and/or enhancements to current systems.

- Consult with and advise Business groups and respective stakeholders on various operational issues related to computerized information systems, new product developments and general business operations.

- Formulation of Policies and SOP as per latest legislative, statutory and regulatory requirements for IT and Information & Cyber security.

- Focus on material risk areas and prioritize the audit work.

- Document process and prepare audit findings memorandum.

- Conduct follow up audits to monitor management's interventions.

- Plan for internal audit assignments including the scope, objectives, timelines, and resource allocation.

- Serve as a neutral source of unbiased guidance to assure accuracy, legality, and goal

- Serve as a neutral source of unbiased guidance to assure accuracy, legality, and goal accomplishment.

- Prepare and present reports that reflect audit results and document process.

- Identify loopholes and recommend risk mitigation measures and cost savings.

- Report the pending high and medium risk areas and persisting irregularities.

- Define and implement a system to monitor compliance to the observations made by internal audit.

- To remain abreast of emerging trends and successful practices in Internal Auditing. Track the latest development on sector rules, regulations, best practices, tools, techniques, and performance standards.

- Emphasize on and leverage both existing & new technologies for reduction in errors and enhancement of operations.

- Assist in the investigation of any significant suspected fraudulent activities within the company.

- Develop approaches to promote knowledge sharing and promulgate management best practices across Internal Audit in the bank.

- Data Analysis and submission of MIS/information to top management and other stakeholders.

- Any other assignment as may be assigned by the Bank from time to time.

Professional Experience:

- Minimum 12 years of experience in the Banking/corporate sector of which minimum 6 years in financial services.

- The candidate should have a minimum of 3 years of IS audit/Information Security experience in in RBI regulated entity.

- Should have a good understanding of industry and risk management, knowledge of regulations, legal framework, and sensitivity to supervisors' expectations.

- Should have the ability to independently exercise judgement and should have the freedom and sufficient authority to interact with regulators/supervisors directly and ensure compliance.

- Sound understanding of technology, laws and statutory regulations pertaining to financial management, operations, audit, and compliance.

- Should have a proven track record of influencing individuals to drive results.

- Good communication and presentation skills.

- Knowledge of information technology, data analytics, forensic investigation, among others will be preferred.

Educational Qualifications:

- Graduate / Postgraduate in any discipline from a recognized University / Institution along with CISA certification.

Preferred: Certified Internal Auditor (CIA), Certificate in Audit & Accounts Certification course in Information & Cyber Security