· At least 6 years of auditing experience.
· Knowledge of Corporate Governance principles and workings; must have a good understanding of how effective audit organisations and processes operate in a large international environment;
· Good understanding of AGS and ATS basic processes (related to Facilities Management, Finance, HR, Operations, Procurement, etc.).
· Familiar with fraud risks, detection and prevention techniques.
· Excellent report writing skills and ability to communicate complex issues clearly and concisely to non-technical persons.
· Fluent English, French is a significant plus.
In the IT area:
· High level expertise in internal control, risk management, and IT. Knowledge of key industry standards for IT (COBIT, ITIL, ISO 27000).
· Broad knowledge of IT general controls (information security & business continuity, IT operations, project & system development lifecycle methodologies) and application-level controls.
· Broad knowledge of main operating systems and technologies employed in AXA.
· Up to date knowledge and understanding of risks related to new and evolving technologies such as mobile, digital, cloud computing, etc.
Personal and behavioural skills:
· Ability to establish strong credibility and relationships with top management as well as staff.
· Results orientation with strong project management skills.
· Ability to work with a high level of autonomy in matrix and changing environments with shifting deadlines and priorities.
· Rigorous and fact oriented.
· High level of professionalism and integrity.
· Exposure to different cultures, audit practices and international business environments.
· Able to lead international, virtual and remotely located teams.
· Strong communication skills (verbal & written): able to communicate with people at all levels.
· establishing risk-based and Audit Committee approved audit plans;
· identifying improvement areas and potential issues before risks materialise;
· recommending efficient actions to be then implemented by management (at strategy, organisational, policy, process, and operational levels);
· monitoring the timely implementation of related corrective actions;
· launching and performing investigations in case of suspected fraud or irregularity;
· reporting to Executive Management, IAHO and the Audit Committee overseeing AGS and ATS.
Day to day audit activity:
· Maintain continuous awareness of IT and business risk environments in AGS & ATS.
· Ensure the quality of related audit and issue data stored in the CAPT tool.
· Lead investigatory activities as assigned by the CAE including regarding conflicts of interest, irregularities and suspected frauds; report investigations and results to the relevant CEO and the Global Head of Special Investigation.
Other AGS/ATS tasks:
· Maintain the CAPT settings for the AGS & ATS audit function.
· Monitor and ensure the quality and the completeness of the data stored in CAPT when it comes to AGS and ATS audits and issues to ensure accurate stakeholder reporting.
· Assist the CAE to prepare a range of ad-hoc reports for key stakeholders and committees including the Audit Committee, Internal Business Reviews, Regional COMEX and liaison meetings, IAHO metrics, etc.
· Assist the CAE on a number of other ad-hoc tasks (e.g. providing inputs as part of the annual risk assessment process).
GISP & IT Audit Practice Manager:
This domain of responsibility accounts for ~30% of the total workload and directly reports to the Deputy Group CAE
· Responsible for ensuring that the global Internal Audit methodology evolves in a way deemed appropriate, including when taking into account the GISP and IT Audit needs and constraints.
· Regularly attend the IT ALT meetings to discuss topical methodology matters, give and receive inputs.
· Secretary of the GISP & IT Audit Committee.
· Responsible for preparing the GISP and IT Audit reports (quarterly reporting to the Audit Committee, quarterly reporting of GISP metrics to the IAHO, GISP monthly reporting to the IAHO).
□ Local □ Regional x International
The Internal Audit department of AGS and ATS is responsible for auditing the global internal control environment of AXA Group Solutions and AXA Technology Services as well as for performing any relevant investigation across those entities. It belongs to the Group Internal Service Providers (GISP) Audit region, which also includes AXA Business Services. While a significant amount of the audits are technical IT audits there is also an important portfolio of non-IT areas to cover (e.g. finance, HR, procurement, facilities, etc.). Around 40 audits per year are managed by the team.
A risk assessment is undertaken each year to determine the audit plan for the following year as well as resource requirements. The audit plan is delivered leveraging auditors from the various Internal Audit regional pools. The use of virtual teams requires effective and efficient co-ordination and planning with the respective resource providers to ensure the audit plan is delivered in line with commitments to the Audit Committee.
The department follows Common Audit Processes defined by Internal Audit Head Office (IAHO) utilising a dedicated tool (CAPT) in compliance with Group Standards, the Professional Families Policy Manual (PFPM) for Internal Audit and the standards of the Institute of Internal Auditors (IIA).