Currently internal audit consists only of one person (head) so a person will co-lead internal audits as per agreed audit plan. As the internal audit function is new and the company is very dynamic there might be changes to the plan. However, potential areas to be covered by the audit are (sub)contractors management, (IT) security related processes and controls, asset management, financial processes. Due to the company’s profile, there is a high focus on IT Security. Also, as the company consists of a few merged companies, they are on the journey to mature and scale up the processes.
Head of GIA is based in Copenhagen but the company’s operations cover Denmark, Sweden, Norway, Germany (limited scope in DE). Audit engagements cover all the locations, and therefore a person can be based in DK, SE or NO. Remote work is also possible.
The person will support engagements starting from planning, fieldwork and reporting.
Responsibilities within planning stage:
Identify key contact persons
Develop audit program
Develop audit procedures
Issuing audit engagement letter
Prepare for or organize/participate in audit opening meeting and closing meeting- execute audit program
Interview, walkthroughs- gather evidence and document audit procedures (no GRC tools so documentation is excel/words based)
Status updates with auditees
Prepare draft audit report
Gather management responses
Issue final audit report
There will be close cooperation with the Head of GIA who is also learning on the the job and is new to the company. Both shall work as one team and learn from each other.
Experience of internal audit function, preferably in the telecom industry
Knowledge and experience in IT Security and (sub)contractors related audits
Very good level of English and one of the Scandinavian languages
Good skills to prioritize and organize tasks
Experience in projects aiming to improve process and establish controls
Risk-oriented mindset to be able to identify unmitigated risks at the same time being able to calibrate identified risks and gaps to company’s risk appetite and strategic objectives
Eager to work in dynamic environment with fast pace of changes
Eager to work in environment where not all processes and controls are established
Good communication skills and eagerness to interact with different stakeholders, functions