· At least 6 years of auditing experience or 5 years of operational manager experience combined with 2 years of auditing experience.
· Knowledge of Corporate Governance principles and workings; must have a good understanding of how effective audit organisations and processes operate in a large international environment;
· Good understanding of AGS and ATS basic processes (related to Facilities Management, Finance, HR, Operations, Procurement, etc.).
· Familiar with fraud risks, detection and prevention techniques.
· Excellent report writing skills and ability to communicate complex issues clearly and concisely to non-technical persons.
· Fluent English, French is a significant plus.
In the IT area:
· High level expertise in internal control, risk management, and IT. Knowledge of key industry standards for IT (COBIT, ITIL, ISO 27000).
· Broad knowledge of IT general controls (information security & business continuity, IT operations, project & system development lifecycle methodologies) and application-level controls.
· Broad knowledge of main operating systems and technologies employed in AXA.
· Up to date knowledge and understanding of risks related to new and evolving technologies such as mobile, digital, cloud computing, etc.
Personal and behavioural skills:
· Ability to establish strong credibility and relationships with top management as well as staff.
· Results orientation with strong project management skills.
· Ability to work with a high level of autonomy in matrix and changing environments with shifting deadlines and priorities.
· Rigorous and fact oriented.
· High level of professionalism and integrity.
· Exposure to different cultures, audit practices and international business environments.
· Able to lead international, virtual and remotely located teams.
· Strong communication skills (verbal & written): able to communicate with people at all levels.
The AGS & ATS Internal Audit function aims to assist Senior Management in achieving its strategic objectives by providing expert independent assurance and advice. This encompasses:
· establishing risk-based and Audit Committee approved audit plans;
· identifying improvement areas and potential issues before risks materialise;
· recommending efficient actions to be then implemented by management (at strategy, organisational, policy, process, and operational levels);
· monitoring the timely implementation of related corrective actions;
· launching and performing investigations in case of suspected fraud or irregularity;
· reporting to Executive Management, IAHO and the Audit Committee overseeing AGS and ATS
Day to day audit activity:
· Maintain continuous awareness of IT and business risk environments in AGS & ATS.
· Represent Internal Audit on key AGS/ATS governance forums as well as with a selection of AGS/ATS non-ELT stakeholders (as assigned by the CAE);
· Ensure the quality of related audit and issue data stored in the CAPT tool.
· Lead investigatory activities as assigned by the CAE including regarding conflicts of interest, irregularities and suspected frauds; report investigations and results to the relevant CEO and the Global Head of Special Investigation.
Other AGS/ATS tasks:
· Share regular and detailed updates of changes and hot topics at AGS and ATS with the IT Audit Community (e.g. through ONE).
· Assist the CAE on a number of other ad-hoc tasks (e.g. providing inputs as part of the annual risk assessment process).
□ Local □ Regional x International
The Internal Audit department of AGS and ATS is responsible for auditing the global internal control environment of AXA Group Solutions and AXA Technology Services as well as for performing any relevant investigation across those entities. It belongs to the Group Internal Service Providers (GISP) Audit region, which also includes AXA Business Services. While a significant amount of the audits are technical IT audits there is also an important portfolio of non-IT areas to cover (e.g. finance, HR, procurement, facilities, etc.). Around 40 audits per year are managed by the team.
A risk assessment is undertaken each year to determine the audit plan for the following year as well as resource requirements. The audit plan is delivered leveraging auditors from the various Internal Audit regional pools. The use of virtual teams requires effective and efficient co-ordination and planning with the respective resource providers to ensure the audit plan is delivered in line with commitments to the Audit Committee.
The department follows Common Audit Processes defined by Internal Audit Head Office (IAHO) utilising a dedicated tool (CAPT) in compliance with Group Standards, the Professional Families Policy Manual (PFPM) for Internal Audit and the standards of the Institute of Internal Auditors (IIA).