Senior Manager, Internal Audit & Risk

Senior Manager Internal Audit & Risk

Function: Internal Audit

Role Purpose

The Senior Manager, Internal Audit & Risk is responsible for leading the development and execution of a risk-based annual internal audit plan, ensuring the delivery of independent and objective assurance across financial, operational, technology, compliance, and governance processes.

The role oversees internal audit activities across the organisation, evaluates the effectiveness of internal controls and risk mitigation frameworks, drives data-driven audit insights through Data Analytics, and provides strategic insights to senior leadership and the Audit Committee. The incumbent works closely with co-sourced audit partners, key business stakeholders, and the Group Internal Audit function to strengthen governance standards and elevate the capability and maturity of the Internal Audit function.

In addition, the Senior Manager plays a key role in Enterprise Risk Management (ERM) and Business Continuity Management to ensure resilience of critical business processes.

Key Responsibilities

1. Audit Strategy, Planning & Execution

• Develop and execute a risk-based annual internal audit plan aligned with organisational strategy and risk priorities.
• Lead end-to-end audit engagements including planning, scoping, fieldwork, reporting, and follow-up. Ensure audit engagements are delivered on time, within scope, and within budget.
• Evaluate the adequacy and effectiveness of internal controls, governance frameworks, and risk mitigation processes.
• Identify control gaps, operational inefficiencies, and compliance weaknesses, recommending practical, value-adding improvements.
• Leverage Data Analytics to enhance audit effectiveness, identify trends, and provide deeper insights.
• Contribute to fraud risk assessments, investigations, and special review assignments when required.
• Lead the maturity of the Internal Audit function, driving enhanced methodologies, processes, and audit maturity.

2. Enterprise Risk Management

• Facilitate the implementation of risk assessment methodology, system and processes to assist risk managers in identifying and managing risks.
• Conduct trainings and workshops to relevant stakeholders.
• Lead the identification and assessment of risks as well as mitigation plans through regular engagement with risk managers and action owners. Review and enhance the quality of the risk register and related reports.
• Facilitate the risk management meetings and present the risks to the senior leadership
• Research emerging risks and trends in the industry and provide advice and recommendations to management where appropriate.

3. Business Continuity Management

• Facilitate the implementation of business continuity methodology, system and processes to assist risk managers in identifying and managing risks.
• Collaborate with business units to ensure continuity plans are in place and tested for critical operations.
• Assess risks related to business interruptions and recommend mitigation strategies.
• Support management in crisis response, recovery planning, and resilience-building initiatives.

4. Reporting & Stakeholder Engagement

• Prepare clear, concise, and impactful audit reports and Audit Committee materials.
• Present audit findings and insights to senior management and governance bodies.
• Collaborate closely with stakeholders to drive timely remediation of agreed action plans.
• Provide advisory insights to improve operational effectiveness and business performance.

5. Leadership & Capability Development

• Lead, develop and uplift capability of internal audit team members and manage performance of co-sourced audit partners.
• Foster a culture of continuous improvement, accountability, and innovation.
• Participate in global internal audit initiatives.
• Champion cross-functional collaboration and create a safe, inclusive working environment.

6. Special Projects

• Lead or support special audit assignments, internal investigations, system reviews, or transformation initiatives as required.

Qualifications & Experience

• Bachelor's Degree in Accounting, Finance, or related discipline.
• Professional certification such as CIA, CPA, CISA, or equivalent preferred.
• Minimum 15 years of experience in internal audit, risk management, business continuity management and/or related fields.
• At least 8 years in a leadership or people management capacity.
• Experience in ERP environments and auditing across technology-enabled systems.
• Prior exposure to FMCG or complex multi-entity environments is advantageous.

Technical & Functional Competencies

• Strong knowledge of internal audit standards, methodologies, and best practices.
• Advanced understanding of corporate governance, risk management frameworks, and Business Continuity Management.
• Strong business acumen with ability to translate risk insights into strategic value.
• Deep knowledge of business processes, financial controls, and systems optimisation.
• Proficiency in Data Analytics to support audit and risk insights.
• Exceptional analytical, problem-solving, and decision-making capabilities.
• Excellent written and verbal communication skills, with ability to present complex findings clearly to senior stakeholders.