Associate – Information Risk Management (“IRM”) Specialist

  • Competitive
  • Selangor, Malaysia
  • Permanent, Full time
  • KPMG in Malaysia
  • 27 Sep 16

IT Audit

Since establishing its presence in 1928, KPMG Malaysia has grown to be a part of KPMG’s global success. With more than 1900 professionals located across 9 offices nationwide, KPMG in Malaysia provides services ranging from assurance and tax to financial advisory and business advisory. At KPMG, we are passionate about working with our clients to deliver exceptional value, we provide the environment for our people to flourish and realized their full potential and we continuously extend the frontiers of our shared knowledge.

Our clients’ use of IT often has a significant effect on our audit plan. As part of the audit team, the primary functions of IRM Specialist are to evaluate the systems and applications that are in place to guard an organization's information particularly on the financial reporting. Specifically, information technology audits are used to evaluate the organization's ability to protect its information assets and to properly dispense information to authorized parties. IRM Specialists obtain an understanding of the entity's IT environments and its application controls. When performing risk assessment procedures, we identify significant risks or financial statement level risks related to IT and determining the effect of IT on the audit.

This is an excellent opportunity to join a renowned, fast paced specialist team with good career development opportunities in KPMG.


• Assist the senior team members in assessing the entity level risk and involve in planning the audit and considers key IT elements relevant to financial reporting;
• Obtain understanding of the complex business processes and report the identified risks arising from the entity’s use of IT which are relevant to the audit;
• Assist the senior team members in identifying the key IT application controls within a client’s business processes;
• Involve in evaluating the design and effectiveness of IT general controls and application controls;
• Periodic, timely status updates for the senior team members;
• Testing of operating effectiveness of General IT Controls and application controls.


• A Bachelor's Degree in Information Technology/Accounting/any related field;
• Candidates with CISA and/or related certifications would be an advantage;
• Independent, self-motivated, organized and results oriented individual capable of handling multiple tasks within tight deadlines;
• A team player with good communication and interpersonal skills;
• Good command of English (both written and spoken);
• Strong interest in the IT and accounting;
• Experience in business ERP applications (i.e. SAP, Oracle UBS), databases (i.e. SQL), operating system (i.e. Mainframe / Unix / Windows Server) and analytical tools (i.e. IDEA, Excel) would be a plus.