View all jobs

IT Audit Consultant - August 2023

Remote, Remote
For one of our clients in the utilities industry we’re looking for a freelance IT Audit Consultant:
Project description:
This project is about improving the audit-readiness of the client’s IT function as well as reviewing and updating the Internal Controls for IT Systems. The background to the project is that an effective internal control system is required that is legally binding for the company. These controls need to adequately reflect the changing technical and economic environment, so that they require regular updates.
Aim of the project: Update of Internal Controls catalogue for IT Systems and introduction of these controls.

Task Description:
  • Consult the client management what documents need to be provided to the auditors in the context of IT General Controls (ITGC) Year End Audit activities. Present and share the consolidated results of the executed Internal Controls with the Auditor of the client.
    Collect written communication (email + PowerPoint slides + other written means of communication) for all relevant internal and external stakeholders (100+ people) that are documented in the internal Enterprise architecture system of their responsibilities in external IT Audits.
  • Inform all stakeholders about changes in the client’s internal controls framework and if IT application specific controls need to be adjusted. The information who is filling what role is captured in the client’s Enterprise Architecture System. For each IT application there is a defined group of people/roles that take care of managing and maintaining the IT application. These roles and their responsibilities are defined in the client’s Internal Control System. Affected IT applications are SAP systems, Energy Trading and Risk Management systems, Price Calculation Tools, Procurement Systems, Dispatch Systems.
  • Identify actual and potential control deficiencies and present the IT compliance status to the client based on the specified controls (approval of user changes). The “IT Compliance Status” consists of an overview of the identified and potential control weaknesses. The point of reference is the client’s defined IT Controls Catalogue. The updates will be on a monthly frequency. Present the results to the management. Used tools are MS Office tools.
  • Consult the client stakeholders on the IT audit results that affect them and propose suitable remediation measures.
  • Provide a set of written instructions that are part of the internal controls definition for defined control performers so that they understand what is expected of them in relation to internal controls.
  • Consult internal stakeholders on assessing IT compliance risks and defining adequate mitigating measures.
  • Consult the client’s IT management in the IT Roll-out of IT controls. Create documentation about the results and present it to the client.
  • Identify improvement measures / potential for automation controls. Create documentation with recommendation and present it to the client for a sign off.
  • English must have (business fluent)
  • German (nice to have)
  • Demonstrated work experience as IT audit and IT compliance practitioner, preferably at one of the “big four” auditing companies
  • Team player who is not afraid to step out of his/her comfort zone
  • Autonomous and diligent manner of working.
  • Strong communication skills
  • IT Project Management experience Advantage
  • SAP, in particular usage of SAP GRC and default SAP functions to ensure IT compliance responsibility
  • Knowledge of relevant assurance standards (e.g. ISAE, SOC) and standard frameworks relevant for the utilities and energy trading sector (e.g. KRITIS, ISO27001, EU GDPR etc.)

Project start: August 2023
Project location: remote
Project capacity: 25 hrs/week
Project duration: 6+ months


Share This Job

Powered by