IT Audit Manager
玛泽咨询(上海)有限公司
- 公司规模:500-1000人
- 公司性质:外资(欧美)
- 公司行业:会计/审计
职位信息
- 发布日期:2022-06-28
- 工作地点:北京-朝阳区
- 工作经验:5-7年经验
- 学历要求:本科
- 职位月薪:2.6-3万
- 职位类别:审计经理/主管
职位描述
一、Job Responsibility & Accountability:
1. Create, develop and lead an IT audit practice for mainland China
创建、开发并领导中国大陆地区的IT审计业务
2. To serve both internal and external clients:
为内外部客户提供服务:
(1)Internal clients:
内部客户:
o Assist audit teams in planning, performing and managing audit assignments by examining the IT General Controls related to the IT infrastructure and the IT Application Controls to assess the risks in information systems and corresponding implications for the audit; report findings and provide recommendations to improve effectiveness of the IT environment
协助审计团队进行审计计、执行和管理审计项目,检查IT基础设施相关的IT一般控制和IT应用控制,评估信息系统存在的风险及其对审计的影响,报告审计发现并为完善IT环境效力提供建议
o Assist audit teams through the development and implementation of Computer Assisted Audit Techniques – data analysis tools (ACL, Scan D, Access, Excel, etc.)
协助审计团队开发应用计算机辅助审计技术—数据分析工具(ACL,Scan D, Access, Excel 等)
(2)External clients:
外部客户:
o Develop, market, sell and deliver additional service offers to existing Mazars clients, as well as to “greenfield” clients in the following areas:
开发市场,向玛泽现有客户以及如下领域的“待开发”客户销售并提供额外的服务
3. IT Advisory
IT咨询
(1)Strategy & governance:
战略与治理:
o IT governance;
IT治理
o project management & SDLC reviews;
项目管理与SDLC审查
o IT strategy, policies and procedures;
IT战略、政策与程序
o IT change management;
IT变更管理
o IT risk assessment;
IT风险评估
o vendor evaluation;
供应商评估
o compliance monitoring.
合规性监督
o IT security:
IT安全:
o security reviews & control assessments;
安全审查与控制评估
o vulnerability & risk assessment;
缺陷与风险评估
o network & application security;
互联网与应用安全
o compliance monitoring;
合规性监督
o infrastructure & information security;
基础设施与信息安全
o physical & environmental security;
物理与环境安全
o access control reviews;
接入控制审查
o network security reviews ;
互联网安全审查
o firewall and IDS controls.
防火墙与IDS控制
o Asset management:
(2)资产管理:
o asset management solutions;
资产管理解决方案
o operations & performance evaluation;
运营与绩效评估
o cost optimization plans.
成本优化规划
o Business continuity:
永续经营:
o disaster & recovery management;
灾难与复原管理
o continuity & high availability solutions.
持续性与高实用性解决方案
o Risk management & compliance:
(3)风险管理与合规:
o third party compliance ‐ SAS 70;
第三方合规—SAS70
o SOX Reviews.
萨班斯法案审查
o ERP & IT application services:
ERP与IT应用服务:
o ERP & implementation partner selection;
ERP及实施合作伙伴选择
o application control effectiveness;
应用控制有效性
o pre‐go live reviews;
上线前审查
o post implementation reviews;
实施后审查
o ERP effectiveness reviews.
ERP有效性审查
3. Assistance to other business units
协助其它业务部门
(1)Forensic
法鉴
(2)Governance, Risk and Internal Controls
治理、风险和内控
(3)Transaction Services / Due diligence交
易服务/尽职调查
(4)Corporate Finance / IPO
企业金融/首次公开发行
二、Job Requirements:
? Bachelor or Master degree with an IT or Accounting related major;
IT或审计相关专业学士或硕士学位
? Minimum 5 years of work experience in the IT Audit field in an international audit firm;
国际会计师事务所IT审计领域至少5年的工作经验
? Experienced in ERP-systems (SAP, Oracle, etc.);
具有ERP系统(SAP, Oracle 等)经验
? Familiar with IT Audit standards and frameworks (ISA, COBIT, COSO etc.);
熟悉IT审计准则及框架(ISA, COBIT, COSO等)
? Fluent in Mandarin and English (speaking & writing);
中英文(口语及书面)流利
? CISA (Certified Information Systems Auditor) certified;
注册信息系统审计师资格
? Interest and strong understanding of business processes / accounting;
充分理解并对业务流程/会计感兴趣
? Willing to travel;
愿意出差
? Client-facing skills
面向客户的技能
? Experienced in Microsoft office (Word, Excel, Power Point).
熟练微软办公软件(Word, Excel, Power Point)
公司介绍
联系方式
- Email:sh@mazars.cn
- 电话:13585575360