Audit

IT vendor audits is mandatory

Designation SC/DM

Notice period 30-45 days , 60 days maximum

The brief JD is mentioned below:

Conduct IT and vendor audits for third-party service providers (TPAs, outsourced vendors, cloud partners) supporting insurance operations

Review IT General Controls (ITGC) including access management, change management, incident management, and backup/DR controls

Assess information security and regulatory compliance (IRDAI guidelines, ISO 27001, NIST, data protection requirements)

Perform process audits of insurance operations (underwriting, claims, policy servicing) with focus on system-driven controls and automation

Evaluate integration between IT systems and business processes, identifying gaps, inefficiencies, and control weaknesses

Review contracts, and SLAs from IT risk and operational control perspectives

Prepare audit reports, risk assessments, and control matrices, with actionable recommendations and risk ratings

Coordinate with stakeholders and vendors to track and ensure timely closure of audit findings