Associate Director, Information Risk Management, IT Audit

  • Location

    Hong Kong

  • Sector:


  • Job type:


  • Salary:


  • Job ref:


  • Published:

    10 days ago

  • Expiry date:


  • Client:


In KPMG’s Audit practice, we place Information Risk Management (IRM) at the heart of our Audit process and recognize the vital role that Information Technology plays for both our clients and the effectiveness of Audit as a function. Our team in Hong Kong represents a dynamic and enthusiastic team that always pushes itself to succeed. 

IRM specialists assist engagement teams in determining the effect of information technology (IT) related risks on the audit, understanding these risks in relation to the IT control environments over the relevant financial reporting related applications and platforms, and determining an audit approach to respond to the risk of material misstatement as a result of the IT risks relevant to the financial statement audit. Our professionals do this by leveraging our strong industry, IT control and technology focus and experience; deploying leading methodologies and tools; applying our objectivity; using a balanced approach to growth and risk; utilizing our comprehensive global breadth and local knowledge; and calling upon our deep understanding of relevant business, financial, and regulatory inter-dependencies. 

We are now seeking an Associate Director to join the team. The individual will help the Lead Partner to manage the team, engagements and client relationships. 
This role has operational accountability and responsibility to guide, manage, oversee and supervise the IRM resources assigned to audit engagements. The role provides technical, operational and audit quality leadership to the IRM professionals. The individual should demonstrate a strong tone and culture supporting audit quality through a commitment to maintain objectivity, professional skepticism, ethics and integrity. 


- Evaluate the design and effectiveness of clients’ IT controls throughout the business cycle and identify performance improvement opportunities 
- Manage scoping, financial management, delivery risk management and the initial review of deliverables 
- Complete task and deliverables to a high quality standard as part of the audit engagements – working to an agreed plan, budge and quality
- Lead engagements in a timely manner, coach team members and deliver value-added assurance services to clients
- Identify and communicate IT audit findings to senior management and clients 
- Identify and use the most appropriate IRM technology tools to complete and document audit work 
- Actively identify and progress business development opportunities, as well as manage sales activities such as proposal writing and assisting with client presentations 
- Promote commitment to quality, including recognizing and reinforcing the importance of legal and regulatory requirements, professional ethics, KPMG Core Values and code of conduct to the teams
- Set and communicate audit quality expectations and accountability for their teams
- Promote a collaborative culture encouraging constructive working relationships with the audit team and others 
- Monitor the availability of IRM specialists with sufficient capacity ad ability to support audit engagements in conjunction with the Audit Partner
- Determine that the IRM engagement team has the appropriate proficiencies, resources, tools and capabilities deployed to drive audit quality
- Build and manage client relationships (typically with Chief Risk Officer and Chief Information Officer) 
- Develop internal networks and maintain excellent relationships with colleagues across KPMG


- At least 8 years’ experience in any of the following areas: internal or external IT Audit, risk assessment or business process reengineering. 
- Proven experience of successfully delivering IT audit and assurance services (including external / internal audits) to clients within a Big Four firm / Consulting firm
- Experience in business analysis and understanding of core business processes within industry sectors 
- Experience of systems environments within industry sectors 
- Recognised relevant qualification (e.g. CISA or HKICPA) 
- Bachelor’s / Master’s degree in an appropriate field from an accredited college / university 
- Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese) and exceptional interpersonal skills; able to gain the confidence and respect of senior level executives 
- Ability to identify and assess complex IT risks and controls, to relate them to the wider business environment 
- Excellent reporting and presentation skills and ability to express opinion clearly
- Ability to develop excellent client and internal relationships 
- Ability to deliver work within tight timelines, on budget and at a high level of quality 
- Strong teamwork ability and able to work independently

We offer successful candidates an attractive remuneration package and the opportunity to work in a dynamic and exciting environment.

Personal data collected will be used for recruitment purposes only.

© 2020 KPMG, a Hong Kong partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ("KPMG International"), a Swiss entity. All rights reserved.