Job Purpose

• Responsible for provision of overall independent assurance that the Authority’s risk management, governance processes, internal control systems and processes are operating effectively.

Key Responsibilities/ Duties / Tasks

• Spearheading the development, implementation, and review of policies, strategies, Internal Audit frameworks, guidelines, work plans, standards and procedures that impact on internal audit while ensuring compliance with applicable laws, statutes, and circulars;
• Spearheading the development and monitoring the implementation of risk-based annual internal audit plans and programs;
• Overseeing audit reviews to assess the effectiveness of the risk management process and the adequacy of internal controls;
• Overseeing and monitoring internal controls relating to risk management, compliance, security, ethics, and environmental issues;
• Spearheading the setting up and implementation of internal audit systems in accordance with International Auditing Standards;
• Overseeing follow-up audits, reporting and communicating audit findings, and ensuring adequate implementation of audit recommendations;
• Steering the development and implementation of capacity-building programs to promote awareness of governance, risk management, and internal controls;
• Managing developed internal audit and risk assessment reports in the department;
• Leading in the development of internal audit reports and coordinating external audits in the risk and audit department;
• Overseeing the identification of risks affecting the authority's operations and recommending mitigation measures for the Authority;
• Coordinating external audits of IPOA by the Office of the Auditor General;
• Directing the utilization of financial and material resources allocated to the department;
• Supervising the development of a flexible risk-based annual internal audit plan using risk-based support models and methodologies, and ensuring its full implementation;
• Managing audit reviews for the effectiveness of the risk management process and the adequacy of internal controls.
• Managing risk assessment and developing risk management guidelines as well as unethical conduct, fraud investigation, and anti-corruption strategy;
• Coordinating the approval of audit programs and testing procedures to ensure appropriateness for the areas in scope; fieldwork is within scope constraints and deadlines;
• Coordinating periodic training workshops to promote awareness of governance, risk management, and internal controls;
• Coordinating audit reviews of the effectiveness of the risk management process and the adequacy of internal controls;
• Overseeing the development and implementation of the Risk Management Framework and reporting or communicating audit findings and recommendations to the Management and to the Risk and Audit Committee;
• Steering staff coaching, mentorship and capacity development activities within the department;
• Spearheading the development and monitoring the implementation of the departmental annual work plan and budgets;
• Overseeing overall staff performance management in the department; and
• Providing secretarial services to the Risk and Audit Committee.

Knowledge, Experience and qualifications required

• Cumulative service period of twelve (15) years, three (3) of which must have been at the grade of Assistant Director, Internal Audit and Risk, IPOA 5 or in a comparable and relevant position.
• Master’s Degree in any of the following disciplines: - Business Administration (Accounting/ Finance), Master of Science (Accounting /Finance) or equivalent qualification from a recognized institution.
• Bachelor’s Degree in any of the following disciplines: - Commerce (Accounting/Finance); Business Administration (Accounting/Finance) or equivalent qualification from a recognized institution
• Certified Public Accountants (CPA) Part III or Association of Certified Chartered Accountants (ACCA) Part III or Certified Internal Auditor (CIA) III or equivalent qualification from a recognized institution;
• Certified Information System Auditors (CISA) qualification or Certified Fraud Examiner (CFE) or equivalent qualification from a recognized institution;
• Professional qualification in Enterprise Risk Management from recognized institution;
• Leadership course lasting not less than four (4) weeks from a recognized institution;
• Registered with the Institute of Certified Public Accountants of Kenya (ICPAK);
• Registered with the Institute of Internal Auditors (IIA) or ISACA or any other relevant professional body;
• Valid Practicing License;
• Proficiency in computer applications;

Deadline: 17th October 2025