Manager IT, Internal Audit
Ontario Power Generation
- Toronto, ON
- Permanent
- Full-time
- Schedule, plan, perform, and coordinate activities for IT and non-IT related audits. Liaise with management on the planned audit in such areas as timing of audit, area of coverage, identified issues, their concerns, etc.
- Provide guidance, coaching, and supervision to audit staff during audit engagements.
- Develop risk-based audit programs to meet the needs of the Board and senior management, considering corporate and IT business objectives, strategies, and risks.
- Plan and execute audit program, including the assessment of audit findings, as well as obtaining management responses and commitment to planned action plans.
- Assess the adequacy of internal control systems and processes, acquire, and analyze data, evaluate organizational and operational risks, and determine control deficiencies and impact.
- Prepare draft audit findings which identify areas or elements of client processes and controls that require improvement and obtain alignment with the client on findings and corrective action plans. Participate in discussions with client management in audit meetings.
- Report audit conclusions, recommended improvements, planned management actions, follow-up status to Business Unit Leaders.
- Review audit working papers assuring quality, adherence to standards, accuracy and completeness prior to finalization of the audit.
- Ensure that audits are completed in a timely manner and within budget.
- Monitor status and resolution of management actions in response to identified control gaps.
- Establish an effective working relationship with the OPG Digital & Technology Services team.
- Participate in the development and maintenance of the OPG IT audit universe and integrated IT audit plan (including services outsourced to the external service organization).
- Work with management to identify business (primarily IT) objectives and key risks to guide the ongoing development of the audit universe and plan.
- Participate in the development and implementation of a risk-based methodology used to identify and assess risk exposures and key controls related to the business environment in accordance with standards and guidance issued by IIA, ISACA, IT Governance Institute and other applicable professional organizations.
- Identifying emerging IT risks and new developments in IT audit methodology.
- Provide operational audit team members with guidance and on-the-job training relative to IT audit testing.
- Provide the Senior Manager, Internal Audit with assessments and recommendations concerning the control activities within the Corporation, as well as other suggestions, resulting from audits that have a bearing on internal control policies or procedures.
- Develop a network and liaise with key representatives in OPG and the industry on an ongoing basis regarding audits relative to plans, objectives and results of the audit work. Work with third party provider and representatives in Chief Information Office (CIO) to review background information and other documentation to support audits.
- Participate in the development and implementation of IT audit methodology that adheres to audit standards.
- As required, conduct preliminary reviews and participate in formal investigations, in consultation with Law, Security and Labour Relations, of alleged violations of OPG's Code of Business Conduct, including those raised through OPG's process for treating complaints related to accounting controls or audit matters.
- Bachelor's Degree in Accounting, Computer Science, Finance, Business Administration or related field
- Completion of a professional IT audit designation is required, (e.g. CISA, CISSP)
- Demonstrated understanding of the IIA Standards and the practice of Internal Auditing, gained through 5+ years of relevant experience, including a minimum of 2 years' experience managing teams.
- Experience with testing Internal Controls over Financial Reporting (ICOFR), IT General Controls, application automated controls and report integrity.
- Experience with data analytics including the analytics life cycle and data science principles; experience with machine learning techniques is preferred.
- Familiarity with obtaining data from various OPG data sources including SAP, SQL server and Oracle databases; experience with non-tabular and graph databases would be a plus.
- Experience with PowerBI and similar tools for exploratory analytics. Familiarity with programming languages including Python or R.
- Excellent knowledge of audit methodologies, risk management practices and use of control frameworks (COSO and COBIT) to develop risk-based audit programs.
- Exhibit strong leadership qualities and possess well developed analytical and communication skills (verbal and written).
- Ability to quickly understand business processes and their risk implications, analyze complex situations to reach appropriate conclusions.
- Possess a valid driver's license
- Ability to work effectively and efficiently in a flexible hybrid office environment.
- Exceptional range of opportunities province-wide
- Long-term career growth and development opportunities
- Electricity is vital to the province and OPG's clean electricity is helping decarbonize other sectors.
- We care about the safety and the well-being of our employees. It is our utmost priority.
- A supportive work environment where you can be your best every day.
- Opportunities to stretch and develop.
- Offer different ways for you to give back to communities where we operate.
- Partner with Indigenous communities and support local businesses.
- We support employment equity, diversity and inclusion.