I.T. Internal Audit

Key Responsibilities

Audit Planning & Execution

• Participate in the development of the annual IT audit plan based on risk assessment inputs.
• Plan, perform, and lead IT audits covering infrastructure, applications, cybersecurity, data governance, IT operations, and third-party providers.
• Evaluate the effectiveness of IT general controls (ITGCs), automated controls, and system configurations.
• Conduct audits related to emerging technologies such as cloud environments, DevOps processes, and data privacy.

Risk Assessment & Control Evaluation

• Identify IT risks, vulnerabilities, and control gaps.
• Assess system security, access management, change management, backup and recovery, and network controls.
• Review compliance with frameworks such as ISO 27001, NIST, COBIT, ITIL, GDPR, and relevant regulatory standards.

Reporting & Communication

• Prepare audit reports that clearly present findings, conclusions, and actionable recommendations.
• Communicate audit results to management and collaborate on remediation strategies.
• Track, monitor, and validate remediation actions to ensure timely completion.