Associate Director, Information Risk Management, IT Audit
KPMG China operates in 23 cities across China, with around 12,000 partners and staff in Beijing, Changsha, Chengdu, Chongqing, Foshan, Fuzhou, Guangzhou, Haikou, Hangzhou, Nanjing, Ningbo, Qingdao, Shanghai, Shenyang, Shenzhen, Suzhou, Tianjin, Wuhan, Xiamen, Xi’an, Zhengzhou, Hong Kong SAR and Macau SAR.
KPMG is a global network of professional services firms providing Audit, Tax and Advisory services. We operate in 147 countries and territories, and have 219,000 people working in member firms around the world.
In KPMG’s Audit practice, we place Information Risk Management (IRM) at the heart of our Audit process and recognize the vital role that Information Technology plays for both our clients and the effectiveness of Audit as a function. Our team in Hong Kong represents a dynamic and enthusiastic team that always pushes itself to succeed.
IRM specialists assist engagement teams in determining the effect of information technology (IT) related risks on the audit, understanding these risks in relation to the IT control environments over the relevant financial reporting related applications and platforms, and determining an audit approach to respond to the risk of material misstatement as a result of the IT risks relevant to the financial statement audit. Our professionals do this by leveraging our strong industry, IT control and technology focus and experience; deploying leading methodologies and tools; applying our objectivity; using a balanced approach to growth and risk; utilizing our comprehensive global breadth and local knowledge; and calling upon our deep understanding of relevant business, financial, and regulatory inter-dependencies.
We are now seeking an Associate Director to join the team. The individual will help the Lead Partner to manage the team, engagements and client relationships.
This role has operational accountability and responsibility to guide, manage, oversee and supervise the IRM resources assigned to audit engagements. The role provides technical, operational and audit quality leadership to the IRM professionals. The individual should demonstrate a strong tone and culture supporting audit quality through a commitment to maintain objectivity, professional skepticism, ethics and integrity.
- Promote a commitment to quality, including recognizing and reinforcing the importance of legal and regulatory requirements, professional ethics, KPMG Core Values and code of conduct to the their teams
- Promote a collaborative culture encouraging constructive working relationships with the audit team and others
- Set and communicate audit quality expectations and accountability for their teams
- Monitor the availability of IRM specialists with sufficient capacity and ability to support audit engagements in conjunction with the Audit Partner
- Determine that the IRM engagement team has the appropriate proficiencies, resources, tools and capabilities deployed to drive audit quality
- Identify and use the most appropriate IRM technology tools to complete and document audit work
- Complete task and deliverables to a high quality standard as part of the audit engagements – working to an agreed plan, budge and quality
- Evaluate the design and effectiveness of clients’ IT controls throughout the business cycle
- Supervise and review engagements in a timely manner, coaching team members as part of that process
- Lead engagements and deliver value-added assurance services to clients
- Manage scoping, financial management, delivery risk management and the initial review of deliverables
- Identify and communicate IT audit findings to senior management and clients
- Help identify performance improvement opportunities for assigned clients
- Build and manage client relationships (typically with Chief Risk Officer and Chief Information Officer)
- Actively identify and progress business development opportunities, as well as manage sales activities such as proposal writing and assisting with client presentations
- Develop internal networks and maintain excellent relationships with colleagues across KPMG
- At least 8 years’ experience in any of the following areas: internal or external IT Audit, risk assessment or business process reengineering
- Proven experience of successfully delivering IT audit and assurance services (including external / internal audits) to clients within a Big Four firm / Consulting
- Experience in business analysis and understanding of core business processes within industry sectors
- Experience of systems environments within industry sectors
- Recognised relevant qualification (e.g. CISA or HKICPA)
- Bachelor’s / Master’s degree in an appropriate field from an accredited college / university
- Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese) and exceptional interpersonal skills; able to gain the confidence and respect of senior level executives
- Ability to identify and assess complex IT risks and controls, to relate them to the wider business environment and express opinions clearly to all levels of staff
- Excellent reporting and presentation skills
- Ability to develop excellent client and internal relationships
- Ability to deliver work within tight timelines, on budget and at a high level of quality
- Strong teamwork ability and able to work independently
We offer successful candidates an attractive remuneration package and the opportunity to work in a dynamic and exciting environment.
Personal data collected will be used for recruitment purposes only.
© 2020 KPMG, a Hong Kong partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ("KPMG International"), a Swiss entity. All rights reserved.