Job Summary

The Compliance and Audit Associate supports the organization in ensuring adherence to regulatory requirements, internal policies, and international standards, including Information Security Management Systems (ISMS), Quality Management Systems (QMS), IT Service Management Systems (ITSMS), and AI Management Systems (AIMS). This role assists in conducting audits, monitoring compliance activities, and identifying areas for improvement across business, IT, cybersecurity, AI governance, and personal data protection practices.

The position is suitable for fresh graduates as well as candidates with up to 2–3 years of relevant experience in compliance, audit, IT service management, or cybersecurity.

Key Roles and Responsibilities

• Assist in the planning and execution of internal audits and compliance assessments across multiple standards and frameworks, including ISO 9001, ISO 27001, ISO 20000, and ISO 42001
• Support the implementation, maintenance, and continual improvement of management systems (QMS, ISMS, ITSMS, and AI Management Systems)
• Monitor compliance with cybersecurity requirements and personal data protection regulations
• Support the implementation and monitoring of IT Service Management processes (e.g., incident, change, and problem management)
• Collect, review, and maintain audit evidence, records, and documentation
• Identify gaps, risks, or non-conformities and support corrective and preventive action tracking
• Assist in documenting and reviewing policies, procedures, and standard operating procedures (SOPs), including security and data protection policies
• Coordinate with IT, operations, and business units to gather audit and compliance-related information
• Support risk assessments, including information security risk, AI risk, and data protection impact assessments (DPIA)
• Assist in monitoring service performance, including SLA/KPI tracking under ITSMS
• Support external audits, certification processes, and client or regulatory compliance requirements
• Maintain compliance registers, audit logs, risk registers, asset inventories, and data protection records
• Stay updated on regulatory changes, cybersecurity trends, AI governance practices, and ISO standards
• Provide administrative and coordination support for compliance, audit, cybersecurity, and data protection initiatives

Job Requirements

Education

• Bachelor’s degree in information technology, Computer Science, Cybersecurity, Business Administration, Accounting, or a related field

Experience

• 0–3 years of experience in compliance, audit, IT, cybersecurity, or related fields
• Fresh graduates are welcome to apply
• Candidates with up to 2–3 years of relevant experience in audit, compliance, IT service management, or data protection have an advantage

Skills and Competencies

• Basic to intermediate understanding of compliance, audit, cybersecurity, or IT concepts
• Familiarity with IT Service Management concepts (incident, change, and problem management)
• Understanding of information security and personal data protection principles
• Strong attention to detail and analytical skills
• Good written and verbal communication skills
• Ability to manage and organize documentation effectively
• Proficiency in Microsoft Office tools (Excel, Word, PowerPoint)
• Ability to work independently and collaboratively in a team environment
• Strong sense of integrity, accountability, and professionalism

Preferred (but not required)

• Familiarity with:
• ISO 9001 (Quality Management System)
• ISO 27001 (Information Security Management System)
• ISO 20000 (IT Service Management System)
• ISO 42001 (AI Management System)
• Basic knowledge of cybersecurity frameworks and practices
• Awareness of personal data protection regulations (e.g., PDPA, GDPR)
• Knowledge of ITIL practices or IT service management frameworks
• Understanding of risk management, internal controls, and audit methodologies

Note: Proceeding to apply on this job post means you have read, understand and agreed to WPH DATA PROTECTION NOTICE FOR JOB APPLICANTS in the link below.

https://www.wphdigital.com/notices