Reporting to the Head of Internal Audit and Risk, the candidate shall ensure successful completion of IT audit assignments, from start to finish, inclusive of preplanning and wrap up activities. Identifies areas of internal control weaknesses and areas of non- compliance within the Institute and provide sound and practical recommendations to management. Communicates significant IT risks and audit findings through periodic audit reports to management.IS Auditor shall monitor the Institute’s computer network for possible mismanagement and inefficiency. He/she shall ensure that IT practices comply with the institution’s procedures as well as the best practice.
Academic and Professional Qualifications
2–3 years external audit work experience specializing in Information Systems audit from a reputable audit firm or extensive experience in Information Systems audit within an internal audit function;
Academic Qualifications: Bachelor’s degree in Computer Science or Business-related field;
Certification/Licensure Cert Information Systems Auditor (CISA).
Certified Internal Auditor (CIA), OR Certified Public Accountant (CPA Part II) will be an added advantage.
Responsibilities
Perform detailed evaluation of internal control and audit reviews of computer information systems and infrastructure.
Perform assessments of all new and existing systems (including peripheral/interfaced applications).
Preparing audits reports which clearly communicates audit findings and recommendations.
Reviewing new application systems development acquisitions or major changes to existing systems i.e. analysis, design and implementation of identified inherent risks.
Reviewing data and network security e.g. access controls, systems back-ups, segregation of duties, etc.
Reviewing documentation/procedures such as Service level agreements, IT contracts, DRP, programs, and ICT policy.
Reviewing software and hardware support and maintenance.
Participating in Audit assignments which will include IT, plus tasks assigned to other areas.
Provide advice in resolving information security incidents.
Quality assurance to ensure that all work delivered, including working papers, both meet the standards required as well as support the audit findings, recommendations, and conclusions.
Ensure follow up on implementation of agreed audit recommendations tracked using Teammate Audit Management System.
Performs any other related duties as may be assigned;
Follow up AuditsConducts follow up audits on the implementation of Audit recommendations.
Review the feedback and evidence to support the implementation of audit recommendations provided by Audit Clients through the Team Central module of the TeamMate Audit Management System.
Assist Audit clients on TeamMate Audit Management System support.
Facilitate the effective implementation of the Enterprise Risk Management policy framework in the Institute;Designing, implementing and reviewing processes for sound risk management;
Taking part in the monthly meetings with the Institute’s risk champions;
Providing assurance on the effectiveness of ICT related risks mitigation plans;
Facilitating risk champions in ICT related risk identification, assessment, and evaluation;
Performs any other related duties as may be assigned;
Job Requirements
Required education
: Bachelor's degree
Required relevant work experience
: 2 years
Required languages:
English (Spoken: fluent | Written: fluent)
