Manager, Information Risk Management, IT Audit

Overview

KPMG China operates in 20 cities across China, with around 12,000 partners and staff in Beijing, Changsha, Chengdu, Chongqing, Foshan, Fuzhou, Guangzhou, Haikou, Hangzhou, Nanjing, Qingdao, Shanghai, Shenyang, Shenzhen, Tianjin, Wuhan, Xiamen, Xi’an, Hong Kong SAR and Macau SAR.

KPMG is a global network of professional services firms providing Audit, Tax and Advisory services. We operate in 153 countries and territories, and have 207,000 people working in member firms around the world.

In KPMG’s Audit practice, we place Information Risk Management (IRM) at the heart of our Audit process and recognize the vital role that Information Technology plays for both our clients and the effectiveness of Audit as a function. Our team in Hong Kong represents a dynamic and enthusiastic team that always pushes itself to succeed. 

IRM specialists assist engagement teams in determining the effect of information technology (IT) related risks on the audit, understanding these risks in relation to the IT control environments over the relevant financial reporting related applications and platforms, and determining an audit approach to respond to the risk of material misstatement as a result of the IT risks relevant to the financial statement audit. Our professionals do this by leveraging our strong industry, IT control and technology focus and experience; deploying leading methodologies and tools; applying our objectivity; using a balanced approach to growth and risk; utilizing our comprehensive global breadth and local knowledge; and calling upon our deep understanding of relevant business, financial, and regulatory inter-dependencies.

We are now seeking a Manager to join the team. The role is client-focused and involves planning, supervising and delivering IT audit and assurance-based engagements for clients, with a focus on audit quality. The role entails being responsible for completing all aspects of the engagement lifecycle, including engagement execution and delivering, supervision and coaching of junior staff, transferring technical knowledge, writing reports, and communicating with engagement partners. The role also has operational accountability and responsibility for the quality of the work in performing information technology audit assistance work.

Responsibilities

• Plan and execute the day-to-day activities of IT audit and assurance engagements
• Complete task and deliverables to a high quality standard as part of the audit – working to an agreed plan, budge and quality
• Keep senior IRM members informed of significant developments and progress on the engagement 
• Coach junior staff on engagements and provide proper feedback
• Identify and use the most appropriate IRM technology tools to complete and document audit work
• Assist with scoping, financial management, delivery risk management and the initial review of deliverables
• Identify and communicate IT audit findings to senior management and clients
• Help identify performance improvement opportunities for assigned clients
• Conduct fieldwork and manage small project teams to deliver value-added assurance services to clients
• Develop internal networks and maintain excellent relationships with colleagues across KPMG, in particular in the wider Consulting, Audit and Advisory areas
• Promote a collaborative culture encouraging constructive working relationships with the audit team and others

Qualifications

• Proven experience of successfully delivering IT audit and assurance services (including external/internal audits) to clients within a Big Four firm (or five years’ experience in any of the following areas: internal or external IT audit, risk assessment or business process reengineering)
• Experience in business analysis and understanding of core business processes within industry sectors
• Experience of systems environments within industry sectors
• Recognised relevant qualification (e.g. CISA or HKICPA)
• Bachelor’s/Master’s degree in an appropriate field from an accredited college/university
• Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese) and exceptional interpersonal skills; able to gain the confidence and respect of senior level executives
• Ability to identify and assess complex IT risks and controls, to relate them to the wider business environment and express opinions clearly to all levels of staff
• Excellent reporting and presentation skills
• Ability to deliver work within tight timelines, on budget and at a high level of quality
• Strong teamwork ability and able to work independently

We offer successful candidates an attractive remuneration package and the opportunity to work in a dynamic and exciting environment.