Audit Manager, Information & Cyber Security
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
The Role Responsibilities
- To act as a Team Member on assigned audit work involving Information and Cyber Security across the Group;
- To act as Team Leader and take responsibility for overseeing the planning and execution of the audit, maintaining the audit budget, including drafting of audit issues and the audit report;
- To ensure that assigned audit work is executed in an efficient and effective manner, within the given budget and timelines, and in line with GIA methodology standards;
- To clearly explain the risks and impact of issues identified during testing to GIA and business management
- The individual may support in department wide exercises such as annual planning, risk assessment and training.
- To actively manage relationships with senior auditee management and stakeholders;
- To support GIA audit teams by providing Information and Cyber Security knowledge and expertise for their audits relating to the individual's area of expertise;
- To provide ongoing continuous monitoring support to Heads of Audit (HOAs) and Senior Audit Managers (SAMs) in respect of the business and raise issues and observations outside of formal audit work to expedite rectification of control weaknesses; and
- To attend and present at formal committees and Group meetings on behalf of HOAs and SAMs, as required, e.g. Governance Committees and Country Non-Financial Risk Committees.
- Issue validation: Ensure that all audit issue action plans agreed during audit fieldwork are tracked through to completion in accordance with methodology requirements
- Support the HOA and SAMs where required, in the development of the GIA risk assessment and development of an appropriate audit plan for the HOA's assigned portfolio;
- Propose audits for coverage during the audit cycle based on their knowledge of the business; and
- Carry out their role in line with the Audit Charter and remain independent from management and free from interference.
- Assist the HOA to effectively manage the cost of assigned audits within the allocated budget for audit engagements .
- Identify opportunities for efficiencies within audit work.
- Participate as team member or team leader for assigned audit work and potentially lead the more complex audits such as cross-functional and multi-location high risk audits;
- Ensure that audit deliverables meet quality standards and timelines in line with the GIA methodology;
- Draft and submit inputs to the audit scope (including the Audit Planning Memo and Process Risks Controls Matrix) proposed by the Audit Lead;
- Assist in the drafting of the audit report in the GIA report review process; and
- Track the implementation/delivery of the agreed issues and action plans for the audits assigned, understanding the key risks arising, provide advice on resolution of issues to auditees/action plan owners and escalate audit findings that remain unresolved.
- Support the HOA to update the relevant assigned risk assessments on a regular basis to ensure that changes in risk profiles are identified in a timely manner, proposing changes to the assigned audit plan to the HOA, as appropriate;
- Be prepared to raise issues/concerns outside the normal audit process;
- At the request of the HOA, attend relevant meetings (e.g. Management Groups and Committees) to keep up-to-date on key business matters and provide the right challenge to ensure risks are appropriately identified, discussed and timely remediation plans are put in place; and
- Review MI and reports regularly to keep up-to-date with key trends within the business.
People and Talent
- Establish and maintain effective working relationships with the management of business units which fall under risk assessment responsibility.
- Demonstrate proactivity and positive engagement during team sessions;
- Influence change within the department by highlighting potential enhancements;
- Identify growth areas at the start of each audit, and discuss with the Audit Lead on how best to work on them during the work;
- Identify and successfully complete key internal training for self-development; and
- Support the HOA to proactively spot talent for GIA.
Regulatory & Business Conduct
- Assist the HOA to manage the relevant Product/Country clients, and establish good working relationships to help the businesses improve the control environment and keep updated with changes in the business impacting their risk profile;
- Ensure clear communication of findings/issues/root causes to all relevant clients and monitor/escalate any overdue actions plans to the appropriate business manager and/or governance committee for resolution; and
- Ensure timely escalation of delays in execution of audit work, both to auditee management and GIA management.
- Display exemplary conduct and live by the Group's Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Support GIA to achieve the outcomes set out in the Bank's Conduct Principles .
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
- Designated business stakeholders, typically related to individual audit assignments and the Information and Cyber Security portfolio; and
- GIA stakeholders - team leaders, team members, team managers, Product, Functional, Country and Regional Heads of Audit.
Our Ideal Candidate
- Embed Here for good and Group's brand and values in GIA; and
- Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures.
Apply now to join the Bank for those with big career ambitions.
- In-depth understanding of Information and Cyber Security risk management and associated control requirements;
- Strong communicator, both written and verbal, with ability to clearly explain controls to be tested and risks identified to audit and business management;
- Confident and courageous to raise and escalate ideas or concerns in a professional and timely manner;
- Proactive, self-directed and able to work with minimum supervision;
- Exercise professional judgment, objectivity and discretion
- Ability to work within a global team.
- Experience in audit, governance, risk or in a business environment;
- Professional audit and Information and Cyber Security related certification preferred