Information Systems Auditor

Company Details
Name:NCBA Group
Industry: Banking
Description: On 6th December 2018, it was announced that NIC Bank, an institution with a rich history of retail banking; and CBA Bank, a forerunner of innovation in the banking space, would be merging to form a new bank with unmatched strength, expertise and regional reach.
,,,,
,,,The new NCBA has harnessed t…
On 6th December 2018, it was announced that NIC Bank, an institution with a rich history of retail banking; and CBA Bank, a forerunner of innovation in the banking space, would be merging to form a new bank with unmatched strength, expertise and regional reach. ,,,, ,,,The new NCBA has harnessed the power of both NIC and CBA to create a bank that brings together the best of both worlds — from cutting edge mobile banking to good old-fashioned relationship management; from scalable business banking to financial services that grow as your business does; from best-in-class choice of products to investment solutions tailored to your specific needs. ,,,, ,,,Our extensive branch network and friendly service mean that you are part of the most universal yet personal bank in East Africa. View more View less
Job Details
Job Type: Full Time
Workplace Type: On-site
Qualification: Diploma
Job Experience: Mandatory
Job Location: Nairobi County, Kenya
Closing Date: Undisclosed
Salary: KES Unspecified / month
Other Pay: Benefits
Job Category: Telecommunications
Job Description

Job Purpose Statement

The purpose of this role is to provide assurance on the Group’s information systems with respect to information technology security, functions and processes, and the technology applications that support business functions. The role ensures appropriate security controls are in place to protect the Group’s assets from ICT-related risks. The role holder will conduct independent reviews of compliance with the Group’s ICT and Information Security policies and procedures, assess the adequacy of internal control systems, verify regulatory compliance, and highlight exceptions or violations.

Key Accountabilities

Audit Planning (10%)

  • Assist in formulating and implementing the Information and Communication Technology audit strategy.
  • Evaluate the standards of risk management, accuracy of records, procedures, and control activities throughout the bank’s ICT structures.
  • Assess and advise on risk management and internal control systems, including reviewing the suitability and reliability of management information systems.

Audit Management & Execution (60%)

  • Develop audit tests for assigned assurance and advisory services based on the annual risk-based internal audit plan, focusing on key critical risk areas.
  • Execute IS audits and participate in audits of the bank’s subsidiaries, departments, branches, and processes according to audit plans and in accordance with policies, procedures, and best practices.
  • Design and execute audit programs or work programs for assigned assurance and advisory services through interviews, observation, process reviews, data analysis, and testing of control areas.
  • Develop and issue concise draft reports that present findings, recommendations, and management responses.
  • Prepare summaries of audit results and draft audit reports summarizing findings and recommendations, and work with IT management and IT risk to develop action plans.
  • Follow up on audit recommendations and actions taken to ensure they are addressed and properly managed.

Internal Business Processes (10%)

  • Review procedures and records to ensure alignment with the Bank’s ICT strategy and objectives.
  • Appraise policies and activity plans for all departmental systems in use to ensure they complement the ICT strategy.
  • Liaise with external auditors and other regulatory monitoring agencies and implement recommendations to improve information systems controls and security, promoting growth and ensuring regulatory compliance.
  • Provide consultancy services to project teams on IT risk, system controls, and best practices.
  • Participate in the bank’s Information Risk forums and provide insights on emerging risks.

Customer (10%)

  • Create a cordial and professional working environment for all staff to enhance individual performance and productivity.
  • Develop, with the assistance of the Head of Audit, the annual IS audit team performance objectives, standards, and targets.
  • Identify development and training needs and develop plans to address those needs.

Learning and Growth (10%)

  • Continuously improve knowledge and learning to remain current with professional standards and practices.
  • Enhance professionalism in conduct of work and day-to-day activities.
  • Adhere to professional standards and code of ethics at all times.
  • Enhance knowledge, skills, and other competencies through continuous personal development.

Job Specifications

Academic

  • A university graduate, preferably in Information Systems Management (Computer Science), Business Administration, or a related field.

Professional

  • Qualified Certified Information Systems Auditor (CISA) with relevant experience in information security knowledge areas such as Information Systems Audit, Information Security Management, and Ethical Hacking.
  • CIA, CISM, or CISP certifications are an added advantage.
  • Qualifications in data analysis and CAATs are an added advantage.

Desired Work Experience

  • At least 4 years of information system audit experience, preferably in the financial services industry.
369 open positions on Semasocial right now · 6848 open positions in Nairobi County, Kenya · 33 posted in the last 7 days
Contact Information
CV Job Description Matcher See how well your CV matches this job and get tips to improve your chances AI Tool

This tool helps you see how closely your CV matches a job description. It also gives you simple suggestions on what to improve so you have a better chance of getting shortlisted.

Beware of Fraudsters!
Never pay anyone for job applications, interview tests, or job interviews. A genuine employer will never ask you for payment under any circumstances.
Disclaimer & TOS: We do not guarantee the authenticity of every single job posting and are not responsible for any fraudulent activity or misrepresentation by third parties. We are not involved in any stage of the interview or recruitment process and do not charge any fees from job seekers. For further details, please read the rest of the Terms of Service.