Manager - IT Audit

at  GMG

About GMG
GMG is a global well-being company retailing, distributing and manufacturing a portfolio of leading international and home-grown brands across sport, everyday goods, health and beauty, properties, and logistics sectors. Its vision is to inspire people to win in ways that make the world better. GMG’s investments span across five key verticals: GMG Sports, GMG Everyday Goods, GMG Health and Beauty, GMG Properties, and GMG Logistics. Under the ownership and management of the Baker family, it has become a leading global company, affiliated with the world’s most successful and respected brands in the well-being sector. Working across the Middle East, North Africa, and Asia, GMG has introduced more than 120 brands into its markets.
About the role
The role holder is responsible for managing and executing Audit and Assurance plans for GMG within the
group. This role will include Risk Assessment, Developing Annual IT Audit Plan, Roll out IT Audit projects.
This role is ‘Individual Contributor’ role as well leading a team of junior IT auditors.
About the requirements

IT Security Audits

• Provide Business and IT management with guidance on IT risk management matters, particularly

on application and infrastructure security.

• Responsible for developing and maintaining the IT Risk Assessment at the Group Level under the

oversight of the Internal Audit Manager; including identifying areas where business units should

consider additional investment and areas internal audit should focus.

• Conduct audits or lead audit teams in performance of IT audits and reviews of systems,

applications and IT processes. Prepare and report results to executives and Audit Committees.

These include;

• Perform pre and post- implementation reviews of system implementations or enhancements.
• IT security audits (e.g. network, operating system and data center), including evaluating if

security vulnerabilities are properly identified and mitigated. Coordinate the scope and

performance of these reviews with business units and external security experts.

• Evaluate information general computing controls and provide value added feedback. Test

compliance with those controls. Coordinate with Sox teams as applicable.

• Perform various other reviews of IT management policies and procedures such as change

management, business continuity planning/ disaster recovery and information security to ensure

that controls surrounding these processes are adequate.

• Develop, build & implement tools to analyze data to improve audit efficiency and

effectiveness,(including for risk assessments). Ultimately be a source for analytics that business

units adopt to provide business insights or for continuous auditing.

• Conduct audits or lead audit teams in operational / financial audits.

Operational Audits & Special Assignment

• Prepare kick-off presentation by determining audit objectives, audit scope and audit timelines, etc.

as per Group Internal Audit format.

• Determine the auditing procedures to be used, including statistical sampling and the use of

electronic data processing tools.

• Guide and instruct auditors assigned to the audit, and review their work for sufficiency of scope

and for accuracy; leading the audit team to optimal performance

• Coordinate with process owners during the field work and timely report to Assistant Manager/Audit

Manager on any foreseen delays.

• Update the VP/Head or Senior Manager about the audit status including briefing on high risk areas

identified during the audit.

• Direct, counsel, and instruct auditors assigned to the audit, and review their work for sufficiency of

scope and for accuracy; leading the audit team to optimal performance.

• Perform quality review the working papers prepared by subordinates.
• Review the draft audit report and perform detail review before reporting of deliverable to VP/Head

or Senior Manager.

• Coordinate with process owners to receive responses on the draft report and review the action

plans to finalize the report, prepare executive summary to share with Senior Management, send

post audit survey and receive feedback on the report.

• Carry out assignment appraisals for subordinates.
• Ensure the quality assurance review of all audit deliverables in completed after the assignment.
• Provide advisory services for new process changes, business changes, etc.
• Perform detail review of all the evidences and system records as part of investigations assigned by

the Senior Audit Manager.

• Prepare detail report with facts and figures for the investigations carried out and monitor the action

plan.

• Carry out special assignments requested by Executive Management including analysis,

preparation of management dashboards, facts finding report, etc.

• Track implementation of pending action plans against Internal Audit recommendations, prepare

follow-up presentations for the management, review the follow-up testing carried out by

Subordinates.

• Manages the development and maintenance of auditee and staff relationships through individual

contacts and group meetings.

• Provide guidance to Internal Auditor in conducting audits and other audit related issues

Please refer the Job description for details