Ortigas Center, Philippines
2d ago
  • This TOR is to engage one (1) IT Controls Analyst to work on the Compliance Testing for several of the six (6) IT General Control (ITGC) Domains (Access to Program and Data, Application / Infrastructure Change, Application Development, Computer Operations, Entity Level and ITGC over Financial Reporting Spreadsheets) as part of OIST’s annual assertion and attestation exercise.
  • OIST’s IT Assurance team is solely tasked to do the Compliance Testing on the six (6) ITGC Domains across 35 functional areas.
  • The current resources under IT Assurance will not be able to complete all the walkthrough and testing procedures, therefore, this additional resource is needed.

    This resource should have extensive experience in reviewing ITGCs.

  • Furthermore, the IT Assurance Team is also working on other governance projects and tasks involving Risk Management, Controls Advisory and Audit Coordination.
  • This resource will also be working supporting the Audit Coordination work of the team.


    The IT Controls Analyst will report to the Associate IT Officer (IT Assurance) under the Advisor, OIST & Head, OIOD-GP. He / She will report full time during the engagement period at the company, located in Ortigas Center, Pasig.


    In close coordination with IT Assurance Team, the IT Control Testing Assistant will do the following :


    Conduct Annual Attestation in OIST

    Perform Walkthrough and Controls Testing of

    assigned ITGC Domains Compliance Testing Documentation

  • Compliance Testing Documentation for assigned
  • ITGC Domains

    Walkthrough Documentation

    Testing Results Documentation Update and enhance Risk Control Matrix

    RCM) based on the results of the

    Walkthrough or Controls Testing Risk Control Matrix

  • Updated Risk Control Matrix Assist in preparing the documents / reports
  • e.g. list of control deficiencies) needed by

    external auditor Summary of Audit Deficiencies (SAD)

  • List of control deficiencies, compensating controls
  • and conclusions on the control objective addressed

    by the control Prepare the electronic and manual Attestation

    working papers in the company-prescribed format Attestation Working Papers

  • Stand-alone and indexed working papers, including
  • the deliverables and evidence for the Readiness

    Review and Compliance Testing Provide the possible detailed next steps (e.g.

    testing of compensating, mitigating or

    alternative controls) for the company to accomplish in

    order to likely obtain a favorable opinion in the

    Attestation Detailed Attestation Compliance Next Steps

  • Specific options for the company to facilitate Attestation
  • compliance, including :

    recommended nature, extent and timing of test

    of specific compensating, mitigating or

    alternative controls to address control


    recommended update and year-end testing, if

    applicable Suggest recommendations for the company, OIST for

    the improvement of the ITGC processes and

    the Attestation approach for these processes Attestation Process Recommendations

  • Recommendations for the improvement of the ITGC
  • Domains

  • Recommendations for the improvement of the
  • Attestation approach for the company’s ITGC processes

    Support Audit Coordination Work

    Assist in scheduling audit meetings with units

    in OIST and auditors.Meeting invite

    Minutes of the Meeting Assists OIST in gathering evidences in

    preparation for the audit to be done by

    internal / external auditors. Audit Evidences Assists in developing and recommending key

    process steps that need to be implemented

    for compliance. Recommended key process steps Assist in doing follow-ups on the audit actions

    plans on the affected units. Audit Follow-ups / Status Updates / Updated

    Comments Assist in updating and managing a repository

    of compliance related information. Updated entries in the OIST Audit Tracking

    Database Assist in providing audit statistics (open,

    closed, pending, on-hold) Audit statistics


  • Assist in copy editing, rewriting and proofreading of document contents.
  • Automate and organize document templates and publishing procedures.
  • Perform other related tasks as required for the position.

  • Bachelor’s degree, preferably in Business Administration / Management, Accounting, Computer Science, Information Technology or Engineering
  • Broad range of knowledge of Information and Communications Technology as applied in an enterprise environment.
  • Knowledgeable on IT governance frameworks such as COBIT and ITIL
  • Have considerable knowledge and at least 5 years’ experience in identifying and reviewing IT controls, specifically IT General Controls.
  • Strong understanding of audit standards and procedures.
  • CISA certification is preferred.
  • Experience with SOX type review engagement is preferred.

  • Must be able to relate to large information-based organizations and comfortable dealing with senior executives from a variety of culture
  • Ability to understand and relate details of various compliance issues (people, technology, industry best practices, etc.)
  • Excellent written and oral English communication skills
  • Willing to work in a team, with long hours while under pressure
  • Very attentive to details and methodical with work
  • Ability to balance short and long-term priorities
  • Proficient in MS Office applications and with working knowledge on MS Project
  • Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form