Prudential’s purpose is to be partners for every life and protectors for every future. Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion assured, for our people, customers, and partners. We provide a platform for our people to do their best work and make an impact to the business, and we support our people’s career ambitions. We pledge to make Prudential a place where you can Connect, Grow, and Succeed.
A member of the regional IT audit resource pool (which is based in KL, Singapore and Hong Kong), responsible for:
1. Assisting the IT Audit Director to develop and continuously review a 6-monthly risk-based audit plan for IT portfolio in Prudential, aligned to BU strategy.
2. Performing and managing the delivery of a portfolio of audits within the area of responsibility in line with agreed audit plan, continuously reviewing to ensure alignment between audit strategy and business strategy.
3. Supporting the Audit leadership team in executing a range of continuous improvement, administrative and reporting tasks needed to meet GwIA stakeholder requirements.
4. Requirements to travel in Group locations across Asia is medium (25-30%).
Function:
Group-wide Internal Audit (GwIA)
Team:
Information Technology (IT)
Job title:
Senior Manager (IT), Audit
Reports to:
Either Assistant Director or Director of IT Audit
Location:
Based in Malaysia with requirement to travel to local business units and other Group locations (approximately 20-40% of the time)
Organisation Profile:
Prudential plc provides life and health insurance and asset management to 18 million customers across 24 markets in Asia and Africa. We are headquartered in London and Hong Kong and are focused on four strategic regions: Greater China, ASEAN, India and Africa. We are served by more than 120,000 active agents, over 200 bank partners and 27,000 bank branches. Our purpose is to be partners for every life and protectors for every future. At Prudential, it is our mission to be the most trusted partner and protector for this generation and generations to come, by providing simple and accessible financial and health solutions.
Purpose:
Assists the GwIA Senior Management Team in providing the Group, Regional and Local Business Unit (LBU) Board and Management assurance on company’s internal controls and identifying opportunities for improvement over all aspects of the business.
Job Scope:
A member of the global IT audit team, responsible for:
- Assisting to develop and continuously review the half-yearly risk based audit plan for Prudential, aligned to LBU strategy
- Lead or support in delivering the assigned audit which includes entire audit process from planning to issue assurance and closure
- Other GwIA driven initiatives
Principal accountabilities:
To provide value adding contribution to audit reviews of processes, controls and systems, within Prudential and across the other business units in the Group as required:
Project/Audit Execution:
- Manage the delivery of a portfolio of audit assignments and deliver good quality audit assignments, in line with GwIA audit methodology, Group requirements and standards, resulting in accurate and complete identification of issues
- Take responsibility of audit assignment execution and demonstrate good project management skill when planning, which includes resource allocations and scheduling, communicate objectives to key stakeholders, identify focus areas, formulate review strategies and the audits are delivered on time
- Execute the audits in the approved audit plan including risk assessment and control management over operations’ effectiveness and compliance with all applicable standards and regulations
- Understand the business, risk and controls through information gathered on the audit scope area, involvement in walkthroughs and discussions with management
- Review the adequacy and efficiency of the controls in place via review of documented procedures and conducting audit testing
- Working papers are documented properly in accordance with GwIA Audit Methodology and approved within the established deadline
- Responsible for discussing the audit report and findings with senior management and ensuring that appropriate responses are obtained for each issue raised in the report, including demonstration of good conflict management skill and remaining professional when criticised
- Draft internal audit report for discussion with GwIA management and auditee management, including display of good and concise presentation of issues/risks
- Monitor progress and adequacy of actions taken to rectify and close out audit issues
- Manage a team of auditors on an assignment basis, with responsibility for coaching and mentoring individuals and providing feedback on performance following completion of each assignment
- Demonstrates the ability to develop and execute a comprehensive data analytic test plan for audits
- Seeks opportunities to increase the use of data analytics testing by adding new tests to the data analytics library
- Continuous monitoring of emerging risks and key changes to the businesses
- Assist in the development of the risk based audit plan in consultation with other auditors and business management, are aligned with audit and company’s strategies
Self-Development:
- Keeps abreast of new information and developments in the industry or best practices in auditing (e.g., by reading, liaising with organization and business core group contacts, or by attending learning and training events)
Relationship Management:
- Maintains good working relationships with all GwIA senior management team
- Routinely engages and meets business stakeholders as part of GwIA continuous monitoring activities
- To promote GwIA and the service it provides by building strong and effective working relationships with senior management, other staff and external auditors
Reporting and Management Information:
- As part of proactive planning or at the request of the GwIA Management, prepare the internal audit reports and papers for Board and Management committee reporting (and participate in such meetings as required), on the status of the audit plan, audit results and issues status
Core Competences Required:
- When assigned as audit lead or technical expert, serve as a technical advisor and role model for the auditors on audit assignment
- Undertake proactive measures to understand and respond to Senior Management and Audit Committees expectations
- Demonstrate the ability to listen, understand and respond effectively. Willing to engage in constructive conversation with others
- Work co-operatively within diverse teams, work groups and collaborate with other departments across the organization to achieve group and organizational goals
- Display self-confidence when take on responsibilities and dealing with key stakeholders
- Facilitate teamwork by contributing to team effort, sharing responsibility for team results, and exhibiting a positive attitude
- Accept ownership and responsibility, including taking on additional responsibilities to help the team’s objectives
- Seek industry / specialist training and stay informed about new developments
Education and Experience:
- Post Qualification – At least 8 years relevant experience in 2nd or 3rd line (will consider 1st and 2nd line on a case to case basis), people management experience an advantage
- Relevant degree (e.g. Computer Science, Information Systems, Accounting)
- One or more relevant technical certifications (e.g. cyber, cloud, tech risk, project management)
- Experience in auditing the majority of the following areas:
- IT governance and risk management*
- Transformation and programme/project management
- Cybersecurity (e.g. cyber frameworks, tools, operations)
- Identity and access management
- Cloud (PaaS, IaaS, and SaaS)
- IT infrastructure (e.g. network, platforms, middleware, databases)
- IT operations (e.g. data centre, backups, batch processing, incident management)
- Resilience (e.g. business continuity, disaster recovery, operational resilience)
- Application development and change (e.g. SDLC, DevSecOps, CI/CD)*
- Third party management*
- Data privacy
- Data governance
- Experience in the following will be an added advantage: Agile development, API management, containerization, AI governance, RPA, coding background, data analytics capability
- Known as an SME in own functional area and is often sought after for advice / consultation
- An awareness of current and emerging industry risks within financial services and a clear appreciation of the regulatory environments within the industry
- Apart from business-as-usual audit work, have track records of delivering impactful initiatives / products which have helped elevate the function (e.g. helped automate a certain manual process / delivered an automated dashboard for more efficient risk identification etc.)
- Good understanding of the local regulations
- Possesses good verbal and written communication skills
- Demonstrable experience of influencing and challenging senior management and building excellent relationships
- Track record of producing value-adding, commercially realistic recommendations in risk, consultancy or internal audit environment
- Leading edge risk management knowledge and expertise
- Relevant industry experience
- High attention to detail and rigorous thinking ability
- Good Team player, who can gain the professional respect of the team
Prudential is an equal opportunity employer. We provide equality of opportunity of benefits for all who apply and who perform work for our organisation irrespective of sex, race, age, ethnic origin, educational, social and cultural background, marital status, pregnancy and maternity, religion or belief, disability or part-time / fixed-term work, or any other status protected by applicable law. We encourage the same standards from our recruitment and third-party suppliers taking into account the context of grade, job and location. We also allow for reasonable adjustments to support people with individual physical or mental health requirements.
Read Full Description