The Role Responsibilities
GIA represents the third line of defence and provides independent assurance of the effectiveness of management's control of business activities (the first line) and of the control processes maintained by the Risk Framework Owners and Policy Owners (the second line). GIA works with the Group's other control functions, such as Finance, Risk and Compliance, but does not place unqualified reliance on their work. GIA is an independent function whose primary role is to help the Board and Executive Management to protect the assets, reputation and sustainability of the Group.
As defined in the Audit Charter, all staff in GIA must exhibit the highest level of professional objectivity in gathering, evaluating and communicating information about the activity or process being examined. They must make a balanced assessment of all the relevant circumstances and not be unduly influenced by their own interests or by others in forming judgments. GIA will adhere to the Definition of Internal Auditing, the Core Principles for the Professional Practice of Internal Auditing, Code of Ethics and the Standards for the Professional Practice of Internal Auditing that are published by the IIA. It is expected that all members of GIA strive to operate as role models for the Group's valued behaviours. GIA methodology has defined "Habits of a Human Auditor" which are aligned to the Group's valued behaviours and communicated across the function.
There is a digital revolution underway that is changing the future of banking - increasingly, Banking is Technology. Financial Services firms are becoming ever more defined by their technology and ability to use it to deliver outstanding customer experiences. Ventures is the Group's new technology incubation and innovation ivision, looking to develop innovative new products and modern technologies to deliver world class digital experiences for our clients and customers.
In addition to the responsibilities defined in the Audit Charter, the Senior Audit Manager is expected:
To act as a Team Leader on assigned audit work involving the Ventures portfolio, including Business Ventures developed by Ventures, and others as required. This will entail managing auditors working on the audit to deliver the Audit Planning Memo, Controls Document, agree issues and action plans with management and submission of draft report to the Team Manager for review;
- To act as a Team Manager on assigned audit work involving the Ventures portfolio and take responsibility for overseeing the delivery of high quality audits, including finalising of audit issues and the audit report;
- To confirm that assigned audit work, as well as the work carried out by team members is executed in an efficient and effective manner, within the given budget and timelines, and in line with GIA methodology standards.
- To clearly identify the risks and impact of issues during issue writing, agreeing these issues with management and obtaining quality management action plans to mitigate the risks raised;
- To lead continuous monitoring of assigned portfolio areas, and to build and maintain engagement with stakeholders;
- To take responsibility for the design and implementation of department wide exercises such as annual planning, risk assessment and training;
- To support GIA audit teams by providing specific domain knowledge and expertise for audits relating to the individual's area of responsibility;
- To attend and present at formal committees and Group meetings on behalf of the Head of Audit or for their own area of responsibility, as required, e.g. Governance Committees and Non-Financial Risk Committees; and
- The individual will support the Head of Audit in their role as the GIA portfolio subject matter expert, depending on the skills of the individual.
- Issue validation: all audit issue action plans agreed during audit fieldwork should be tracked through to completion in accordance with methodology requirements
- As a Portfolio Champion for Ventures within GIA, the Senior Audit Manager is expected to drive the following for the portfolio assigned:
- Stakeholder meetings - Quarterly meeting notes
- Prepare Quarterly Continuous Risk Assessment updates
- Half-yearly sharing of portfolio updates to the GIA T&I Top Team, and to GIA MT when required
- Risk assessment and Audit Plan development
- Maintenance of Permanent Audit Files and Master PRCMs
- Socialisation of knowledge and updates to the wider team (e.g. organising and conducting webinar trainings, sharing of portfolio developments via memos, etc)
- To act as a Team Lead or Team Manager on assigned audit work involving the Ventures business, and others as required. This will entail managing the auditors working on the audit to deliver the Audit Planning Memo, Controls Document, agree issues and action plans with management and submission of draft report to the Team Manager for review;
- Provide clear guidance, detailed review and supervision of the audit team's work so that audit deliverables meet quality standards and timelines in line with the GIA methodology;
- Provide guidance on business/audit technical knowledge and management skills to team leaders and team members to enable them to effectively deliver their assigned contributions for an audit;
- Provide technical input and challenge on audit work being undertaken within the scope of assigned product / country area of responsibility. This will include working with the audit team to produce high quality outputs which address the risk;
- GIA methodology should be adhered to in all areas of the audit engagement, as well as raising team members' awareness and understanding of the methodology;
- Demonstrate sound knowledge of both business/technical areas and expert knowledge in the audit process, including the GIA system, to ensure that audit work is carried out to a high standard that meets all methodology and GIA system requirements;
- Take the lead in presenting the draft report in the GIA report review process (to the tollgate or report approver); and
- Have a thorough understanding of the regulatory landscape and to ensure that all key regulatory concerns are covered in the audit scope.
- Monitor the implementation/delivery of the agreed issues/audit plans for the audits assigned, understanding the key risks arising, provide advice on resolution of issues to auditees/action plan owners and escalate audit findings that remain unresolved.
- Experience in audit, governance, risk or in a business environment;
- Professional audit certification (CPA or CIA equivalent), CISA or other ISACA qualification would be an advantage
- Knowledge and interest in FinTech, Information and Cyber Security / Technology Operations / Data / would be an advantage
- Someone who is looking to work as part of an agile, dynamic team which is looking to take a key role in supporting the bank's agenda to disrupt through FinTech innovation.