Information Systems Auditor
@ Tamarind Management Limited

We are looking for a dynamic, results-driven Information Systems Auditor who will primarily be responsible for providing assurance on the adequacy, risks and controls of information systems and acting as a link between finance, internal audit and IT departments in solving system related findings-as a form of synergy to improve financial and operational efficiency of information systems in place-to help Tamarind Management Limited and its affiliated companies in achieving the set objectives.

To align with the company and Internal Audit objectives, the Information Systems Auditor will be expected to prepare system audit plans and strategies to mitigate threats, manipulation and misuse of organizational systems.

Key Responsibilities:

• Review IT policies and procedures, identify control weaknesses and set up standard operating procedures to address the identified weaknesses and ensure adequacy.
• Review the group’s IT hardware and software to ensure acquisition and deployment, upgrade and disposal process are in line with best practice and policies and ensure that IT risks are properly identified and controls embedded to mitigate the risks.
• Review information system application servers, backups, ICT infrastructure, network, Business Continuity plan, and Disaster Recovery Plan to ensure compliance to policy and best practice.
• Assess the entire ICT environment from application systems and business protocols to determine whether business objectives are being attained in a secure environment.
• Test and identify network and system vulnerabilities and create counteractive strategies to protect the network.
• Test ICT general controls within the group to ensure confidentiality and access management are well managed.
• Perform continuous reviews and report on cyber risks and controls of the ICT systems to the HOD Audit.
• Provide assurance on the protection of Information Assets and security of the entire ICT environment within the group including the infrastructure.
• Prepare and submit the audit program to the HOD Audit including risk assessment, evaluation of control environment, and formulation of audit objectives, designing audit procedures, information gathering, and evidence analysis to ensure quality risk-based audits.
• Participate in the preparation of the annual audit strategy and plan in line with key risk areas and strategic priorities of the Company in consultation with the HOD Audit.
• Conduct integrated audit in collaboration with the business processes auditors to provide assurance of the business environment considering the ICT aspect.
• Carry out routine and special audit assignments as requested from time to time and develop reports on findings and recommendations that inform on action points.
• Carry out audit follow ups when due, based on Board resolutions & management action points and develop reports on implementation status.
• Document the benefits, strength, weaknesses and improvement measures of organizational information system infrastructure.
• Consult with and advise management and staff on various operational issues related to computerized information systems, and on general business operations as needed.
• Coordinate and interact with external auditors, management, staff and law enforcement officials as may be appropriate; may be required to be an expert witness.
• Assist and train other audit staff in the use of computerized audit techniques, and in developing methods for review and analysis of computerized information systems.
• Keep abreast on latest technology and trends to provide input to mitigate emerging threats to the group.
• Any other responsibilities that may be assigned by the management from time to time.

Qualifications and Skills:

• Bachelor’s degree in Computer Science, Business Information Technology, Information Technology or related field from a recognized university
• Ability to interpret system, financial and accounting data.
• Ability to gather data, compile information, and prepare reports.
• Ability to perform control reviews on systems development, operation, programming, control, and security procedures and standards.
• Have a keen eye to details.
• High integrity and be of unquestionable character.
• Strong interpersonal skills and a good team player.
• Excellent in communication, presentation and interpersonal skills.
• Knowledge of general accounting and auditing principles.
• Knowledge of current technological developments/trends.
• Knowledge of Restaurant / Hotel auditing policies, standards, and procedures.

Preferred Qualifications:

• Certified Information Systems Auditor (CISA)
• Certified Internal Auditor (CIA) or Certified Public Accountant (CPA) desirable.