This will be a key role in a team responsible for all aspects of Risk Management and IT Controls, including risk assessments, planning, documentation, testing of IT Controls, and any follow-ups to ensure mitigation of any failures and weaknesses. The role will be part of a risk and controls testing team, reporting to the Head of IT Governance and will support the continuous development of a new IT risk and internal control framework across the entire IT function.
- Support the development and maintenance of a controls culture across IT, including continuous communication with controls operators and owners across the IT function
- Engage with control owners and operators in order to test ISO27001 and COBIT internal controls and to improve the facilitation of testing and audits. Review, evaluate and document internal controls, including the adequacy of documentation and design effectiveness assessment through review of documents and meeting Control Owners
- Undertake routine discussions with key stakeholders on IT control testing outcomes and action plans, and ensuring risk remediation/control improvement objectives are addressed by the actions
- Support the shaping, development and continuous improvement of controls frameworks across the business's core processes and systems
- Routinely engage with Internal and External auditors, as well as internal control owners/operators to ensure the timely provision of audit information. Support the day to day relationships with External Auditors