IT Risk & Controls Analyst

Titolo: IT Risk & Controls Analyst
Tipologia di contratto: Permanent
Luogo: London, England
Stipendio: £50000 - £650000 per annum
Arbitro: 1042312_1576832245
Nome del contatto: Fiona Prescott
Contatto email:
Lavoro pubblicato: mesi 9 fa

Descrizione del lavoro

This will be a key role in a team responsible for all aspects of Risk Management and IT Controls, including risk assessments, planning, documentation, testing of IT Controls, and any follow-ups to ensure mitigation of any failures and weaknesses. The role will be part of a risk and controls testing team, reporting to the Head of IT Governance and will support the continuous development of a new IT risk and internal control framework across the entire IT function.

Principal accountabilities:

  • Support the development and maintenance of a controls culture across IT, including continuous communication with controls operators and owners across the IT function
  • Engage with control owners and operators in order to test ISO27001 and COBIT internal controls and to improve the facilitation of testing and audits. Review, evaluate and document internal controls, including the adequacy of documentation and design effectiveness assessment through review of documents and meeting Control Owners
  • Undertake routine discussions with key stakeholders on IT control testing outcomes and action plans, and ensuring risk remediation/control improvement objectives are addressed by the actions
  • Support the shaping, development and continuous improvement of controls frameworks across the business's core processes and systems
  • Perform the testing of Design, Implementation and Operational Effectiveness of Internal Controls, including those managed by third party suppliers
  • Support preparation of (e.g. draft input to) committee packs for review by the Head of IT Governance and participate in appropriate risk forums and committees
  • With the Risk and Controls Manager, support the regime for controls self-assessment
  • Routinely engage with Internal and External auditors, as well as internal control owners/operators to ensure the timely provision of audit information. Support the day to day relationships with External Auditors