Internal Auditor, Information Systems Audit (1)
JOB SUMMARY:
The overall responsibility of this role is to conduct audits of the Bank’s IT infrastructure, application systems and processes to provide assurance to the Board and Management of the integrity, availability and confidentiality of the Bank’s information through evaluation of internal controls within the information systems environment.
KEY RESPONSIBILITIES:
Financial
- Execute a risk-based IT Audit plan in line with the IT Audit Strategy and in accordance with applicable IT Audit and Assurance Standards.
- Carry out value for money reviews by evaluating the business case for the proposed investments in information systems to determine whether they meet business objectives.
Customer & Markets
- Assist in preparation of concise and informative audit reports to effectively communicate the findings and recommendations to management.
- Provide independent assessment of project status and achievement of stated objectives, as well as value addition by evaluating effectiveness of risk management on both IT and organizational aspects.
Operational & Sustainability
- Develop and execute relevant information systems audit programs addressing the key risks in the Bank, proposing practical and value-added recommendations to address control weaknesses and provide evidential support of findings.
- Review and evaluate the effectiveness of corrective action plans that address IT audit report findings and track the status of all action plans to completion.
- Ensure implementation of controls by following-up on agreed actions and recommendations raised by external IT auditors and consultants.
- Facilitate the identification of current or emerging IT process risks and facilitate improvement efforts by advising on remedial action.
Leadership
- Drive a culture of teamwork within the audit team to ensure effectiveness in conducting audits and conformance to professional standards is always upheld.
KEY RELATIONSHIPS:
Direct Reports to this Position
Customers of this Position
- Internal Audit clients and other staff.
Knowledge; Skills and Experience required for this Role
Job Knowledge and Experience:
- At least 6 years’ working experience in auditing of information systems in a professional services firm or internal audit environment, preferably in a financial institution.
- Understanding of a banking environment would be an added advantage.
- Knowledge of information systems governance and security principles & practices e.g. ISO27001, COBIT and ITIL frameworks.
- written and verbal communication skills to deliver actionable feedback to client management.
Education:
- Bachelor’s degree in computer science, Information Systems Management, Business Information Technology or related fields from a recognized institution.
- Professional certification in Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP).
- Knowledge and experience in the use of computer assisted audit tools/techniques (CAATs).
- Member of ISACA (preferred)
- Other qualifications such as CIA, CISM, CEH, CCNA or CPA/ACCA would be an added advantage.
Competencies required for this Role
- Analyzing
- Delivering Results and Meeting Customer Expectations
- Writing and Reporting
- Coping with Pressures and Setbacks
- Following Instructions and Procedures
- Applying Expertise and Technology