Integrated into the Group Internal Control and Audit Department, you will work closely with IT teams and other operational departments. Your responsibilities will focus on risk management, IT auditing, and internal control. In this capacity, your key tasks will include:
- Contribute to the development and ongoing update of the information systems risk mapping by identifying and assessing risks inherent to processes and IT systems (e.g., access rights, segregation of duties, financial information production, etc.).
- Define action plans to address identified risks effectively.
- Conduct IT audits to ensure the compliance and efficiency of implemented actions.
- Design and automate IT general controls (ITGC) and application controls (ITAC) to identify deficiencies in the internal control of information systems.
- Identify areas for improvement and provide pragmatic recommendations in cases where internal control mechanisms are insufficient, with a focus on continuous improvement.
- Assist in and support the smooth execution of external IT audit engagements (e.g., statutory auditors).
- Monitor the implementation of recommendations issued during both internal and external IT audits on a regular basis.
- Act as an advisor and provide guidance to operational teams in the implementation of IT internal controls (tools, software, action plans, etc.).
- Participate in the digitalization initiatives of the internal control and audit department, as well as the deployment of GRC (Governance, Risk, and Compliance) tools and data analysis solutions aimed at risk prevention, identification, and resolution.
- Develop key performance indicators (KPIs) and reports to monitor and evaluate the effectiveness of the internal control system, facilitating informed decision-making.
- Please note that this description outlines the primary responsibilities and is not exhaustive.