IT Audit - AVP

  • DOE
  • New York, NY, USA
  • Permanent, Full time
  • Bank of China USA
  • 17 Apr 19

The incumbent will assist the IT Audit team for the design and execution of audit coverage for the Bank’s US IT audit program. The coverage responsibilities pertain to audits of IT systems, applications and operations, attendant risk undertaken in the lines of business and control functions.

Job Duties

Include but not limited to:

Enhance Audit Function

  • Execute and supervise audit coverage strategy of IT program
  • Contribute to US-wide IT audit risk assessment
  • Design and ensure implementation of testing of IT audit programs
  • Perform assigned audits by executing approved audit programs and questionnaires
  • Draft and ensure delivery of audit reports and IA feedback that is complete and insightful; prepare and distill summary of audit findings and recommendations; summarize issues in audit issue database

Report Correction

  • Evaluate management action plans to ensure that thy adequately address the audit issue raised.
  • Perform issue tracking and risk-based validation issues specific to the IT program
  • Follow up with business and compliance leaders and their teams to ensure control issues are effectively resolved
  • Coordinate with the key stakeholders to identify emerging issues and distill thematic or systemic control issues affecting the US operation

Audit strategy and progrom update

  • Update & recommend changes to audit programs, risk assessment, and audit plans
  • Collect and analyze information from regulators, head office, and other branches
  • Attend training for banking and IT related topics; develop and apply baseline knowledge of applicable banking laws, regulations and guidelines


Job Requirements

  • Bachelor’s degree or above in related majors
  • 7-10 years’ experience of work experience in auditing business application and system infrastructure at medium or large financial services organizations
  • Excellent abilities to build rapport with internal stakeholders and examiners
  • Hands on experience in ensuring documentary sufficiency of analytical procedures to support audit standards and Bank regulatory expectations
  • Experience as bank examiner, auditor, consultant or compliance professional with strong understanding of IT risk
  • Capability and willingness to develop staff, including new hires on IT auditing or technical skills