Audit and Compliance

Assessing and ensuring adherence to internal policies, external regulations, standards, and contractual obligations related to ICT systems, processes, and data.

Proficiency Level

Level 1 (Follow)

  • Follows clear instructions to gather specific, predefined evidence (e.g., logs, screenshots) for audits.
  • Uses simple checklists to verify basic compliance points under direct supervision.
  • Documents findings accurately using standard templates.

Level 2 (Assist)

  • Assists auditors by performing assigned basic test procedures (e.g., checking configurations against a baseline).
  • Helps document audit findings and track the status of agreed remediation actions.
  • Organizes and maintains audit evidence according to guidelines.

Level 3 (Apply)

  • Conducts audits or compliance reviews for specific controls or processes using standard methodologies.
  • Identifies and documents instances of non-compliance and proposes basic corrective actions.
  • Interprets straightforward policies and standards relevant to the audit scope.

Level 4 (Ensure)

  • Plans, scopes, and leads audit engagements or compliance assessments for significant areas.
  • Evaluates the effectiveness of internal controls and risk mitigation strategies.
  • Reports audit findings, risks, and recommendations clearly to management and stakeholders.

Level 5 (Strategise)

  • Develops the organisation's annual ICT audit plan based on risk assessment.
  • Establishes and maintains the overall ICT compliance framework, policies, and procedures.
  • Advises senior leadership on ICT risk and compliance posture, aligning with business strategy.

Related Technical Competencies

APPLICATION DEVELOPMENT

APPLICATION SUPPORT & ENHANCEMENT

APPLICATION INTEGRATION

ACCOUNT MANAGEMENT