INTERNAL AUDITOR — INFORMATION SYSTEM MANGEMENT — (KET 6) (1 POSITION) KETRAC0/5/1C/40/1526/01, I –B ON PERMANENT AND PENSIONABLE.
Reporting to the Senior
Internal Audit, Information Systems, the successful candidate will be
responsible for providing independent and objective assurance for efficient
business operations by conducting audits of the Information Systems and
technical environments of the Company.
Key Responsibilities:
- Conducting
the review of the Organization’s local and wide area network and its
configurations to ensure that it is secure from unauthorized access;
- Reviewing
the adequacy of the network tools that have been deployed to ascertain
their effectiveness to prevent unauthorized access to the Organization;
- Analysing
the SAP licenses acquired and their utilization to ensure there is value
for money being achieved;
- Reviewing
all the ICT Systems deployed in the Company to ensure they are being fully
utilized for their designated purpose;
- Reviewing
the users, roles and profiles defined in SAP to ensure whether segregation
of duties is in place;
- Reviewing
the database configurations in SAP to ensure the integrity and
confidentiality of data has been maintained;
- Reviewing
change management procedures in the systems deployed to ascertain whether
all changes have been documented, approved and tested before deployment;
- Analysing
the security configurations that have been defined in SAP to ensure the
availability of data stored and transmitted is secured;
- Reviewing
contingency and disaster recovery measures deployed by the T & I
department to ensure the continuous availability of the Organization’s
applications;
- Reviewing
Active Directory to ensure it is adequately configured to safeguard access
to computer resources in the domain and network;
- Reviewing
the ICT Service Level Agreements entered into with various service
providers are adequate to ensure compliance and proper service delivery;
- Reviewing
problem and incident management practices within the T & I department
to determine whether incidents, problems or errors are recorded, analyzed
and resolved in a timely manner;
- Conducting
general ICT reviews, audits of computer systems and technical environments;
- Analysing
data for the adequacy and effectiveness of system integrity, accuracy,
security and control;
- Performing
audits of information systems controls including data integrity, backup
and disaster recovery, data centre procedures, data communication and
access controls, database administration and end user control;
- Conducting
applications systems audit i.e. SAP and other business systems to
determine the completeness and accuracy of transactions that have already
been processed and the internal controls therein;
- Conducting
audits of the KETRACO’s information systems policies, procedures and
processes and review compliance with the ICT strategy;
- Conducting
continuous, monthly, quarterly and half yearly information systems audits
as per the Annual Audit Plan;
- Preparing
detailed audit working
papers and programmes for review by the Senior Internal Auditor,
Information Systems;
- Conduct
data extractions, analysis, and security reviews utilizing various
computer assisted audit tools (CAAT).
Qualifications & Skills required:
- A
Bachelor’s degree in Computer Science/ICT/IT/IS/BBIT or related field from
a recognised institution;
- Holder
of Certified Information Systems Auditor (CISA) or CISM designation;
- Other
professional qualification either in CPA, CIA, ACCA or its equivalent. IT
certifications (such as CCNA, CCNP etc.) will be an added advantage;
- Meets
and fulfils the requirements of the provisions of Chapter 6 of the
Constitution of Kenya.
- A
minimum of three (3) years relevant work experience.
Working conditions — Office and Field setting
How to Apply
Deadline 28-Sep-2022 07:30
pm
