Information Systems Auditor
Posted:
,,,,
,,,The new NCBA has harnessed t… View more
Job Purpose Statement
The purpose of this role is to provide assurance on the Group’s information systems with respect to information technology security, functions and processes, and the technology applications that support business functions. The role ensures appropriate security controls are in place to protect the Group’s assets from ICT-related risks. The role holder will conduct independent reviews of compliance with the Group’s ICT and Information Security policies and procedures, assess the adequacy of internal control systems, verify regulatory compliance, and highlight exceptions or violations.
Key Accountabilities
Audit Planning (10%)
- Assist in formulating and implementing the Information and Communication Technology audit strategy.
- Evaluate the standards of risk management, accuracy of records, procedures, and control activities throughout the bank’s ICT structures.
- Assess and advise on risk management and internal control systems, including reviewing the suitability and reliability of management information systems.
Audit Management & Execution (60%)
- Develop audit tests for assigned assurance and advisory services based on the annual risk-based internal audit plan, focusing on key critical risk areas.
- Execute IS audits and participate in audits of the bank’s subsidiaries, departments, branches, and processes according to audit plans and in accordance with policies, procedures, and best practices.
- Design and execute audit programs or work programs for assigned assurance and advisory services through interviews, observation, process reviews, data analysis, and testing of control areas.
- Develop and issue concise draft reports that present findings, recommendations, and management responses.
- Prepare summaries of audit results and draft audit reports summarizing findings and recommendations, and work with IT management and IT risk to develop action plans.
- Follow up on audit recommendations and actions taken to ensure they are addressed and properly managed.
Internal Business Processes (10%)
- Review procedures and records to ensure alignment with the Bank’s ICT strategy and objectives.
- Appraise policies and activity plans for all departmental systems in use to ensure they complement the ICT strategy.
- Liaise with external auditors and other regulatory monitoring agencies and implement recommendations to improve information systems controls and security, promoting growth and ensuring regulatory compliance.
- Provide consultancy services to project teams on IT risk, system controls, and best practices.
- Participate in the bank’s Information Risk forums and provide insights on emerging risks.
Customer (10%)
- Create a cordial and professional working environment for all staff to enhance individual performance and productivity.
- Develop, with the assistance of the Head of Audit, the annual IS audit team performance objectives, standards, and targets.
- Identify development and training needs and develop plans to address those needs.
Learning and Growth (10%)
- Continuously improve knowledge and learning to remain current with professional standards and practices.
- Enhance professionalism in conduct of work and day-to-day activities.
- Adhere to professional standards and code of ethics at all times.
- Enhance knowledge, skills, and other competencies through continuous personal development.
Job Specifications
Academic
- A university graduate, preferably in Information Systems Management (Computer Science), Business Administration, or a related field.
Professional
- Qualified Certified Information Systems Auditor (CISA) with relevant experience in information security knowledge areas such as Information Systems Audit, Information Security Management, and Ethical Hacking.
- CIA, CISM, or CISP certifications are an added advantage.
- Qualifications in data analysis and CAATs are an added advantage.
Desired Work Experience
- At least 4 years of information system audit experience, preferably in the financial services industry.
CV Job Description Matcher See how well your CV matches this job and get tips to improve your chances AI Tool
This tool helps you see how closely your CV matches a job description. It also gives you simple suggestions on what to improve so you have a better chance of getting shortlisted.
Never pay anyone for job applications, interview tests, or job interviews. A genuine employer will never ask you for payment under any circumstances.
