IT Audit Manager

Location: Hong Kong
Job Type: Permanent
Industry: Retail & Corporate Banking
Reference: 33145
Job Published: April 27, 2020


  • Developing audit plans and programs of designated areas in IT Audit
  • Conduct risk assessments, audit planning, audit testing, control evaluation in the BAU departmental. Drafting reports, follow up and verify corresponding issues
  • Monitor cybersecurity development initiatives and performing continuous risk assessments of coverage areas
  • Develop Computer Audit Assisted Technique (“CAAT”)
  • Provide technical advice and support other general auditors in audits
  • Manage audit work in accordance with department and professional standards, and complete assignments in an efficient and effective manner
  • Enforce internal audit standards by promoting or documenting internal audit policies, procedures and manuals according to internal and external regulatory requirements
  • Provide recommendation for changes when required
  • Perform ad hoc projects and assignments as required directed by the Team Head, IT Audit or Chief Auditor
  • Stay up to date with evolving industry and regulatory changes which impacting the business and technology environment
  • Escalate emerging issues to management in a timely manner
  • Proactively communicate with the relevant business units to understand the latest risk exposure of relevant business and operation environment for conducting risk assessment
  • Update and maintain Audit system and provide advice to improve its efficiency and effectiveness 


  • Degree holder or equivalent in Accounting, Computer Science or equivalent to related disciplines
  • Minimum 4 years’ experience in IT audit preferable in a sizable financial institution
  • Holder of CSX-S, CSX-E, CISA, CISM, or CISSP is a must
  • Obtain Professional level qualification under HKMA ECF on Cybersecurity
  • Understanding of internal control concepts with ability to evaluate and determine the adequacy of controls by considering business and technology in an integrated manner
  • Knowledge of information security and information technology governance and assessment in banking industry
  • Good knowledge of major banking processes, IT controls and cyber security related regulatory requirements