Internal Audit - IT Audit AVP

Introduction:

Established in 1912, Bank of China is one of the largest banks in the world, with over $3 trillion in assets and a footprint that spans more than 60 countries and regions. Our long-term outlook, institutional weight and global breadth provide our clients with a stable and reliable financial partner, whether in Corporate or Personal Banking or our Trade Services, Commodities, Financial Institutions and Global Markets lines of business.

Overview:

S/he will contribute to audit risk assessment and perform detailed testing, evaluate management action plans, follow up on control issues, and update audit program, risk assessment and audit plans timely.

Responsibilities:

Include but are not limited to:

• Plan, design, and execute the audit coverage strategy of the IT and data quality and management programs, contribute to the US-wide audit risk assessments, and perform assigned audits by executing approved audit programs and questionnaires
• Review auditor work papers covering planning and fieldwork for sufficiency
• Influence the execution of other audits (business, control functions) with related risks
• Ensure the delivery of audit reports and Internal Audit feedback that is complete, insightful, timely, error free and concise
• Timely update audit programs, risk assessment and audit plans
• Recommend improvements in streamlining audit methodology and optimize the use of the audit workflow tool when available
• Establish and maintain relationships with senior internal stakeholders for the IT and data management and quality programs
• Coordinate with the Data Analysis Team in the design and implementation of continuous monitoring of the IT and data controls during integrated audits

• Evaluate management action plans to ensure the audit issue raised are adequately addressed
• Coordinate with key stakeholders to identify emerging and/or control issues affecting operation
• Perform issue tracking and risk-based validation of issues specific to IT program
• Follow up with counterparts to ensure control issues are resolved effectively

• Design the auditor professional development plan specific to related skills
• Provide coaching and on-the-job training to audit staff
• Serve as the department subject matter expert on IT risks and audit procedures to test these risks

Qualifications:

• A Bachelor’s degree is required, and an advanced degree is preferred
• Minimum 5 years of experience in IT risk/audit on IT infrastructure, application and system implementation is required for the AVP level
• Experience as a bank examiner, auditor, consultant or compliance professional with a strong understanding of IT risks, familiar with core banking systems, transactional platforms, workflow tools use for retail and commercial banking is required
• Experience in using computer assisted auditing tools to evaluate assertions is required
• Deep IT lifecycle expertise in order to perform pre-implementation reviews and to evaluate sufficiency of IT beyond operating effectiveness is required
• Familiarity with FFIEC regulatory standards, COSO, COBIT, ISO among others, for IT controls is required
• Capability and willingness to develop staff on technical and soft skills is required
• CPA, CIA, CISA, CRISC, CGEIT, CISSP, CISM and/or equivalent certifications are preferred but not required
• Bilingual capability in Mandarin is preferred but not required"

Pay Range

• USD $65,000.00 - USD $150,000.00 /Yr.