


✦ The Internal Auditor is responsible for independently evaluating the adequacy and effectiveness of the company’s internal controls, business processes, compliance, and risk management systems. Additionally, the role serves as the designated Data Protection Officer (DPO), ensuring compliance with the Data Privacy Act of 2012 and related regulations across all branches and departments. The position provides assurance and recommendations for process improvement and data protection.
✦ Conduct Process Mapping and Documentation.
✦ Conduct interviews and walkthroughs with department personnel.
✦ Prepare written documentation of actual practices and coordinate with the IT Department for the preparation of process flowcharts.
✦ Identify deviations from company policy, control weaknesses, and operational bottlenecks.
✦ Evaluate Control Environments and Recommend Process Improvements.
✦ Assess the effectiveness, efficiency, and risk exposure of existing controls by analysing documented processes for risks, inefficiencies, and non-compliances.
✦ Recommend practical improvements to strengthen internal controls, streamline operations, and reduce risk of fraud or loss.
✦ Present proposed changes to management and standardization across departments and branches for consistent operations.
✦ Plan and Execute Regular Operational and Compliance Audits.
✦ Design and establish the internal audit function, tools, and practices.
✦ Conduct regular financial, operational, and compliance audits.
✦ Perform Branch Audits in General Santos and other locations, as applicable.
✦ Ensure consistency and compliance with updated policies across branches.
✦ Conduct Inventory and Asset Spot Checks and Reconciliations.
✦ Facilitate scheduled and surprise audits of spare parts, tools and assets in coordination with the Accounting Department.
✦ Investigate and report any discrepancies or losses.
✦ Conduct Fraud Risk and Compliance Review.
✦ Monitor for potential fraud indicators or control weaknesses.
✦ Verify compliance with internal policies, BIR requirements, and other regulations.
✦ Report Audit Findings and Conduct Follow-Up Activities.
✦ Prepare audit reports with findings, risk ratings, and recommended actions.
✦ Track implementation of corrective actions and report progress to management.
✦ Maintain proper audit documentation for future reference and follow-up.
✦ Provide Support for External Audits and Regulatory Compliance.
✦ Assist with BIR, ISO, or external audits by providing necessary data and clarifications.
✦ Ensure dealership practices remain compliant with government and industry standards.
✦ Ensure Regulatory Compliance.
✦ Monitor and ensure compliance with the Data Privacy Act of 2012, its Implementing Rules and Regulations (IRR), and National Privacy Commission (NPC) guidelines.
✦ Develop, implement, and maintain the company’s Privacy Management Program.
✦ Recommend and update company privacy policies, guidelines, procedures, protocols, and consent forms.
✦ Manage Privacy Risks and Implement Data Protection Measures.
✦ Lead the conduct of Privacy Impact Assessments (PIAs) for processes involving personal data.
✦ Identify privacy risks in data processing systems and recommend appropriate mitigation strategies.
✦ Ensure that effective security measures are in place for the storage, access, and disposal of personal data.
✦ Safeguard the Rights of Data Subjects.
✦ Establish clear and accessible procedures that allow data subjects to exercise their rights, such as the right to access, correct, object, or withdraw consent to the processing of their personal data.
✦ Respond to and manage data subject requests, inquiries, and complaints in accordance with legal requirements.
✦ Manage Data Breach Incidents.
✦ Lead the investigation and report notifiable data breaches to the National Privacy Commission (NPC) within required timelines.
✦ Ensure the implementation of corrective actions to prevent recurrence.
✦ Coordinate Privacy Efforts Within and Outside the Organization.
✦ Serve as the main contact for all privacy-related matters, both internally and with the NPC. Coordinate with department heads to align business processes with data privacy requirements.
✦ Promote Training and Awareness.
✦ Plan and conduct regular privacy awareness campaigns and training programs for employees and contractors.
✦ The Internal Auditor / DPO is expected to engage in continuing education and stay updated on audit standards, industry regulations, and data privacy laws and best practices. He/She may also be assigned other related tasks and responsibilities from time to time, as may be deemed necessary by management to support business operations and compliance objectives.
✦ Bachelor’s Degree in Accountancy or Internal Auditing
✦ Must be a Certified Public Accountant (CPA) or a Certified Internal Auditor (CIA)
✦ Minimum of one (1) year of relevant experience in internal audit, compliance, or process evaluation
✦ Strong background in process analysis and internal controls
✦ Knowledge of developing and implementing audit and compliance programs
✦ Good at presenting ideas and concepts orally and in writing
✦ Excellent analytical and problem-solving skills
✦ Proficient in Microsoft Office applications
✦ Analytical mindset with attention to detail
✦ High level of integrity and objectivity
✦ Organized and systematic in documenting workflows and findings
✦ Strong written and verbal communication skills
✦ Self-motivated and able to work independently while coordinating across departments
Kindly send your resume to hradmin@hinodavao.ph or mcdcampaner.hinodavao@gmail.com