Audit and Compliance

Assess and ensure adherence to internal policies, external regulations, standards, and contractual obligations related to ICT systems, processes, and data.

Proficiency Level

Level 1 (Follow)

  • Follow clear instructions to gather specific, predefined evidence (e.g., logs, screenshots) for audits.
  • Use simple checklists to verify basic compliance points under direct supervision.
  • Document findings accurately using standard templates.

Level 2 (Assist)

  • Assist auditors by performing assigned basic test procedures (e.g., checking configurations against a baseline).
  • Help document audit findings and track the status of agreed remediation actions.
  • Organise and maintain audit evidence according to guidelines.

Level 3 (Apply)

  • Conduct audits or compliance reviews for specific controls or processes using standard methodologies.
  • Identify and document instances of non-compliance and propose basic corrective actions.
  • Interpret straightforward policies and standards relevant to the audit scope.

Level 4 (Ensure)

  • Plan, scope, and lead audit engagements or compliance assessments for significant areas.
  • Evaluate the effectiveness of internal controls and risk mitigation strategies.
  • Report audit findings, risks, and recommendations clearly to management and stakeholders.

Level 5 (Strategise)

  • Develop the organisation's annual ICT audit plan based on risk assessment.
  • Establish and maintain the overall ICT compliance framework, policies, and procedures.
  • Advise senior leadership on ICT risk and compliance posture, aligning with business strategy.