Shangri-La International Hotel Management Ltd.
Shangri-La Hotels and Resorts is a global leader in luxury hospitality with unique Asian heritage.
Headquartered in Hong Kong, we have over 100 hotels and resorts under four brands nested in key cities and beautiful beachfront locations globally. We are expanding rapidly with a strong development pipeline throughout Asia, the Middle East, Europe and Africa.
Regarded as one of the world’s finest hotel ownership and management companies, Shangri-La is dedicated to delight guests around the world with legendary service, finely tuned from over 45 years of hospitality from the heart. We have an affinity with Asian travelers and we offer them a gateway to the rest of the world, positioning us a leading brand in luxury hospitality.
As an enviable employer with industry leading levels of colleague engagement, our people are our priority. Our success is only made possible through the efforts and abilities of over 45,000 colleagues worldwide. In accordance with this belief, the focused investment we make in the learning and development of our colleagues is unparalleled in the global hospitality industry. From welcoming new colleagues, to best in class leadership development, you can be sure that potential is identified and nurtured throughout your career.
How you’ll contribute to the team:
- Develop a flexible IT audit plan using an appropriate risk-based methodology, including any risks, controls and concerns identified by management.
- Manage the preparation the initial audit report after completion of fieldwork and review the results and recommendations with management
- Partner with IT management to monitor IT project status and determine where and when Internal Audit should be involved.
- Perform Information Technology and System audits, including audits of IT governance, systems under development, IT security.
- Evaluation of key IT policies and procedures, information systems maintenance and support and integrity of information assets.
- Assist in the recruiting and retaining of IT audit resources.
- Evaluate, implement and document risks and controls with respect to key business processes.
- Effectively perform analysis and testing of financial, operational and technology (both IT General and Application) controls in accordance with requirements.
- Review existing software at hotels and work towards creating offsite audit platform for audit teams.
- Identify and control weaknesses and develop action plans to remediate the deficiencies.
- Effectively communicate audit findings to clients and senior management.
- Perform ‘Enterprise Risk Management’ audits which include reviews of the strategic risks facing the organization and the action plans to mitigate such risks.
- Evaluate the senior management response to these risks and summarized the findings for the Audit Committees.
- Assess service management and information technology strategic plans;
- Review data migration and data integrity;
- Review and assess IT general controls as well as internal control on financial management systems;
- Ensure ways of strengthening or improving auditing processes and practices are identified;
- Quality reviews on all internal audit activities in accordance with auditing guidance and standards
- Keep abreast of best practice and external developments in IT Internal Audit and ensure this learning is shared with the Internal Audit team and the Audit Committee.
What you will need to be considered:
- Recognized professional designation - CISA designation preferred and/or CIA, CMA, CGA, CPA, CA, CGAP, CFPI
- Undergraduate or Graduate degree in a relevant field (Information Systems, Accounting, Finance, Business, Economics, etc.);
- Minimum of 10 years’ experience in the audit of information technology and proven track record of strong performance in high-quality audit work.
- Significant understanding of modern Internal Audit and Risk Management Best Practice
- Experience of risk-based audit assessment within an internal control framework of a comparable size and complexity.
- Thorough knowledge of internal audit procedures, including risk driven audit planning techniques and methods used to examine, verify and analyze business and financial processes and information systems to the requirements of the Standards for the Professional Practice of Internal Auditing.
- Requires in-depth knowledge of IT and information security governance, network architecture and security, various types of infrastructure (e.g. servers, database environments, cloud technologies), system development methodologies, IT control frameworks, key platforms and third-party vendor management.
- Knowledge of forensics, fraud and other detection techniques and concepts.
- Team player able to effectively interact with members of management in managing project relationships which evidence leadership and strong negotiation skills.
- Demonstrated client-focused abilities;
- Ability to work in a team and under pressure;
- Ability to work in a fast-paced, client-focused environment.
- Must be proficient in risk and control analysis and audit concepts for multiple technologies, with desired experience across a full range of financial services products and specialized areas.
- Job type
- Starting in
- As soon as possible