Reporting to: Audit Manager – ICT Audit

Department: Internal Audit

Location: HQ

Job Summary

The purpose of the role entails performing Information and Communication Technology (ICT) audits, investigations, and data analytics in line with applicable audit standards, policies, and procedures. To guide and support Business auditors in various audit projects where the use of ICT skills and knowledge is required.

Key Responsibilities:

Customer Relationship Management:

• Conduct ICT audits and lead audit teams in the performance of ICT audits
• Provide Business and management with insights on ICT risk management, particularly on application and infrastructure security.
• Prepare and report results to Senior Management executives and Audit Committee.
• Perform pre- and post-implementation reviews of system implementations or enhancements.
• Perform IT security audits (e.g., network, operating system, and data centre), including evaluating whether security vulnerabilities are properly identified and mitigated.
• Coordinate the scope and performance of these reviews with business units and external security experts.
• Evaluate information general computing controls and provide value-added feedback. Test compliance with those controls.
• Perform various other reviews of IT management policies and procedures such as change management, business continuity management and information security to ensure that controls surrounding these processes are adequate.
• Develop, build & implement tools to analyze data to improve audit efficiency and effectiveness, (including for risk assessments). Ultimately be a source for analytics that business Auditors adopt to provide business insights or for continuous auditing.
• In consultation with Managers, review ICT risk assessment and audit programs relating to systems operations for change or improvements, if any.
• Mapping or reviewing key processes relating to systems operations and sharing with audit teams key areas of risks in those processes.
• Ensure audits are carried out in line with International Standards for the Professional Practice of Internal Auditing as issued from time to time by the Institute of Internal Auditors.
• Guide auditors on report writing focusing on root cause identification and developing recommendations that address the root causes.
• Provide regular training to auditors on areas that need improvement in systems reviews.
• Lead audit teams and ensure audits progress as planned and in line with the approved scope, budget, and timetable.
• Improving technical knowledge as well as soft skills through self-learning or formal training including meeting mandatory CPE requirements.
• Be an expert in systems operations and share knowledge with the audit team and peers in the business.

Experience, Knowledge, and Skills Requirements

• Bachelor’s degree in computer science, Computer Information systems or Computer Engineering from any recognized University or its equivalent qualifications.
• Certification in Information Systems Audit (CISA) or Certification in ACL Data Analyst levels (ACDA) would be an added advantage.
• Strong analytical skills.

• Practical experience in ICT audit operations for at least three years in a reputable organization/audit firm/Bank.

• Good knowledge of IT audit standards and best ICT security practices.

• Strong Communication Skills, Sound Business acumen and Leadership skills

Deadline 20th Oct 2023