IT Internal Audit Lead

About the role :

As our next star as IT Audit Lead, you will get chance to help Amartha on implementing IT Internal Audit

activities and demonstrate your keen ability to identify root cause of problem. You will work alongside the

other internal audit team, risk division, and monitoring Amartha’s operational activities to deliver

improvement of business process quality of Amartha.

Responsibilities :

• Ensuring IT audit plan is executed properly and sufficient audit evidence and/or documentation is

obtained to support audit findings.

• Collect and analyze data to detect anomaly transaction, deficient controls, duplicated effort,

extravagance, fraud, or non-compliance with laws, regulations, and management policies.

• Implement systems and procedures related to IT audit process.

• Demonstrate the ability to identify root cause of audit process.

• Prepare audit working papers in complete, systematic, and timely manner and ensure those are

documented in accordance with professional standard.

• Prepare detailed IT audit report.

• Providing insightful recommendations to minimize or eliminate risks to shareholders.

• Monitor open issues and ensure implementations of recommend internal control measures.

• Conduct advisory services process improvement to business cluster and produce its report.

• Maintain good relations with the Auditee and third counterparts during the implementation of internal

audit assignment.

• Technology and Business degree fields from a reputable University, such as Information Technology,

Information Systems, or Computer Science.

• Have a minimum of above 6 years of experience in auditing IT controls, including IT General Controls, IT

Application Controls, and Security Controls in similar industries.

• Have experience in Internal Control over Information Security Management System (ISMS): ISO 27001

review, Cyber Security, and IT regulatory compliance review.

• Strong technical background with deep knowledge in Information Technology review and Information

Security review, and having relevant certification is an advantage: CISA, CRISC, or ISO27001

implementor/ lead auditor.

• Understand most IT governance frameworks and risk assessment frameworks such as COBIT, ITIL,

TOGAF and ISO 31000.

• Have a good knowledge in internal auditing, risk management and business continuity.

• Ability to work with multiple projects, proactive and high initiative.

• High Integrity, quick learner, agile, honest attitude, excellent team work, good attitude, and detail

oriented.

• Strong analytical thinking, root cause analysis, and problem solving.

• Have a good project management skill in developing system.

• Good communication skill written & verbal.