Manager, IT Audit

time left to apply End Date: July 31, 2025 (30+ days left to apply)

job requisition id 24120075

Prudential’s purpose is to be partners for every life and protectors for every future. Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion assured, for our people, customers, and partners. We provide a platform for our people to do their best work and make an impact to the business, and we support our people’s career ambitions. We pledge to make Prudential a place where you can Connect, Grow, and Succeed.

Purpose:

Assists the GwIA Senior Management Team in providing the Group, Regional and Local Business Unit (LBU) Board and Management assurance on company’s internal controls and identifying opportunities for improvement over all aspects of the business.

Job Scope:

A member of the global IT audit team, responsible for:

• Assisting to develop and continuously review the half-yearly risk based audit plan for Prudential, aligned to LBU strategy
• Lead or support in delivering the assigned audit which includes entire audit process from planning to issue assurance and closure
• Other GwIA driven initiatives

Principal accountabilities:

To provide value adding contribution to audit reviews of processes, controls and systems, within Prudential and across the other business units in the Group as required:

Project/Audit Execution:

• Deliver good quality audit assignments in line with GwIA audit methodology, Group requirements and standards, resulting in accurate and complete identification of issues
• Execute the audits in the approved audit plan including risk assessment and control management over operations’ effectiveness and compliance with all applicable standards and regulations
  • Understand the business, risk and controls through information gathered on the audit scope area, involvement in walkthroughs and discussions with management
  • Review the adequacy and efficiency of the controls in place via review of documented procedures and conducting audit testing
  • Working papers are documented properly in accordance with GwIA Audit Methodology and approved within the established deadline
  • Responsible for discussing the audit report and findings with senior management and ensuring that appropriate responses are obtained for each issue raised in the report, including demonstration of good conflict management skill and remaining professional when criticised
  • Draft internal audit report for discussion with GwIA management and auditee management, including display of good and concise presentation of issues/risks
  • Monitor progress and adequacy of actions taken to rectify and close out audit issues
• As an audit in-charge, take responsibility of the assignment and demonstrate good project management skill when planning for audit assignments, which includes resource allocations and scheduling, communicate objectives to key stakeholders, identify focus areas, formulate review strategies and the audits are delivered on time
• As an audit in-charge, manage a team of auditors on an audit assignment basis, with responsibility for coaching and mentoring individuals and providing feedback on performance following completion of each assignment
• Demonstrate the ability to evaluate, synthesise, organise and interpret data and information
• Seek opportunities to increase the use of data analytics testing by adding new tests to the data analytics library
• Continuous monitoring of emerging risks and key changes to the businesses, and are factored in the risk assessment of the audit planning process

Self-Development:

• Keeps abreast of new information and developments in the industry or best practices in auditing (e.g., by reading, liaising with organization and business core group contacts, or by attending learning and training events)

Relationship Management:

• Routinely engages and meets business stakeholders as part of GwIA continuous monitoring activities
• To promote GwIA and the service it provides by building strong and effective working relationships with senior management, other staff and external auditors

Reporting and Management Information

• At the request of the GwIA Management, assist in the preparation of internal audit reports and papers for Board and Management committee reporting, on the status of the audit plan, audit results and issues status

Core Competences Required:

• When assigned as audit lead or technical expert, to serve as a technical advisor and role model for the auditors on assignment
• Demonstrate the ability to listen, understand and respond effectively. Willing to engage in constructive conversation with others
• Work co-operatively within diverse teams, work groups and collaborate with other departments across the organization to achieve group and organizational goals
• Display self-confidence when take on responsibilities and dealing with key stakeholders
• Facilitate teamwork by contributing to team effort, sharing responsibility for team results, and exhibiting a positive attitude
• Accept ownership and responsibility, including taking on additional responsibilities to help the team’s objectives

Education and Experience:

• Post Qualification - at least 5 years relevant experience in 2nd or 3rd line (will consider 1st line on a case to case basis), management (including staff management) experience an advantage
• One or more relevant technical certifications (e.g. cyber, cloud, tech risk, project management)
• Preferred industry (in order of priority)

  Financial services (Banking, Insurance etc)

  Consultancy (e.g. Big-4, Accenture etc) – Technical Advisory, Internal audit services

  Tech Companies (Digital Fintech, Digital Banks etc)

• Experience in auditing at least half of the following areas:
  • IT governance and risk management
  • Transformation and programme/project management
  • Cybersecurity (e.g. cyber frameworks, tools, operations)
  • Identity and access management
  • Cloud (PaaS, IaaS, and SaaS)
  • IT infrastructure (e.g. network, platforms, middleware, databases)
  • IT operations (e.g. data centre, backups, batch processing, incident management)
  • Resilience (e.g. business continuity, disaster recovery, operational resilience)
  • Application development and change (e.g. SDLC, DevSecOps, CI/CD)
  • Third party management
  • Data privacy
  • Data governance
• Experience in the following will be an added advantage: Agile development, API management, containerization, AI governance, RPA, coding background, data analytics capability
• Known as an SME in own functional area and is often sought after for advice / consultation
• An awareness of current and emerging industry risks within financial services and a clear appreciation of the regulatory environments within the industry
• Apart from business-as-usual audit work, have track records of delivering impactful initiatives / products which have helped elevate the function (e.g. helped automate a certain manual process / delivered an automated dashboard for more efficient risk identification etc.) will be advantageous
• Good understanding of the local regulations
• Possesses good verbal and written communication skills
• Demonstrable experience of influencing and challenging senior management and building excellent relationships
• Track record of producing value-adding, commercially realistic recommendations in risk, consultancy or internal audit environment
• Leading edge risk management knowledge and expertise
• Relevant industry experience
• High attention to detail and rigorous thinking ability
• Good Team player, who can gain the professional respect of the team

Prudential is an equal opportunity employer. We provide equality of opportunity of benefits for all who apply and who perform work for our organisation irrespective of sex, race, age, ethnic origin, educational, social and cultural background, marital status, pregnancy and maternity, religion or belief, disability or part-time / fixed-term work, or any other status protected by applicable law. We encourage the same standards from our recruitment and third-party suppliers taking into account the context of grade, job and location. We also allow for reasonable adjustments to support people with individual physical or mental health requirements.

We are Prudential. For Every Life, For Every Future.

Prudential plc provides life and health insurance and asset management to 18 million customers across 24 markets in Asia and Africa.

We are headquartered in London and Hong Kong and are focused on four strategic regions: Greater China, ASEAN, India and Africa. We are served by around 68,000 average monthly active agents and more than 200 bank partners.

Prudential plc is not affiliated in any manner with Prudential Financial, Inc., a company whose principal place of business is in the United States of America or with the Prudential Assurance Company, a subsidiary of M&G plc, a company incorporated in the United Kingdom.