Audit Management - IT Risk

5 days left

Morgan Stanley
North Lanarkshire
31 Aug 2017
28 Sep 2017
Contract Type
Full Time
Company Profile
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.

As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.

Department Profile
The mission of the Global Technology division is to provide a highly reliable and commercial technology platform, which supports the Firm's strategy, delivered by an innovative, world-class team of professionals. There are ten divisions within Technology.
Technology & Information Risk (TIR) is part of the Global Technology and Data organization and manages operational and technology related risks on behalf of the Firm. The group's key principles are to provide proactive, comprehensive and consistent risk management, to enable the execution of the Firms strategy.

TIR's mandate is to enable the Firm to manage its technology and data related risks through implementing proactive, comprehensive and consistent risk management practices across the Firm to protect the franchise while capturing business opportunities. The TIR team partners with the business by ensuring that Technology and Data understands how to manage escalate and monitor risk.

Team Profile
The candidate will be a member of a new team that is part of a recently formed Cross Divisional Services Risk Team within Technology and Information Risk (TIR). The team's focus will be to focus on delivering consistent information security services and a "best in class" approach to those key risk services for all the divisional within Technology.

Primary Responsibilities
This position is for an individual to lead and own the reporting, management presentations, and core metric oversight for the Technology Division's Audit program of work. This is a new support position and is part of a recently formed Central Services Risk Team within Technology and Information Risk (TIR). The role's focus will be to establish, evolve, mature and maintain a consistent delivery of quality and meaningful presentations and reports that will inform and drive management focus to areas for improvement.

The candidate will be responsible for:
Production, refreshing and distribution of core Audit related presentation material and content:
- Monthly Firm Risk Committee (initial draft for review)
- Report on current Technology Audit schedule and status
- Highlight material Issues raised, with associated details on owner, timeline etc
- Track progress on critical Audit findings

Monthly updates to "Aged" High Audit Issue portfolio presentation
- Check on status of existing items, call out newly "Aged" content and any that have closed
- Provide summary analysis of month over month material movement
- Graph trajectory analysis to show lens on future state
Maintain and expand the Library of Audit Procedural References
- Prep/ Planning "playbook"
- Standard Audit related templates (closure verification/ date change process etc)

Transparency on core program "quality" metrics
- Highlight and investigate issues with TBD target due date
- Highlight and investigate issues with >2 date changes
- Highlight and investigate issues 'reopened' by IAD
- Highlight and investigate issues where original target due date was missed
- Highlight and investigate issues reported that were self disclosed and highlight wider themes of relevance

Deliver "consumable" view of these metrics and analysis of any areas that drive themes or focus
- Define and own the communication plan
- effective distribution of the above appropriately to the TIR and wider Technology audience

Skills Required
- Experience in Technology Risk Management, and/ or Audit Management, an advantage
- Be a strong agent for change. Be able to facilitate new processes and standards that could impact working environment / culture
- Strong interpersonal, problem solving, organizational and time management skills
- Strong sense of ownership and accountability
- Managing (internal) client relationships and working as part of a distributed team.
- Highly motivated; ability to drive project deliverable(s) to delivery/ lead meetings with cross functional and cross level participation.

Desired Skills
- Previous experience within Technology with prior risk project/program management
- MS Office suite skills; ability to draft succinct and impactful PowerPoint decks (with appropriate level of detail for a given audience), ability to extract, aggregate, and report on data in Excel (charts/ visually impactful messaging)
- Ability to articulate key points clearly and succinctly in meetings
- Ability to work within an open, consensus based organization
- Ability to manage and interact in a matrix ed organization is essential
- Individual must be able to multi-task effectively

Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximise their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing and advancing individuals based on their skills and talents. *LI-AM2