Auditor, Information Systems
Reports to: Head of Internal Audit
Department: Internal Audit
Location: Head Office, Nairobi
Job purpose
The Job holder of this
position is responsible for performing detailed evaluation of internal controls
over computer and ensure that the Information Systems in place are appropriate,
well utilized, and reliable and secure, while giving commensurate recommendations
on areas of improvement
Key Responsibilities
·
Provide input for preparation
of the Annual Audit plan.
·
Ensure adequate planning to
align Information Systems Audits with corporate and business objectives.
·
Performing independent risk
assessments of all new and existing systems (including peripheral/interfaced
applications) and their attendant operating environment and infrastructure
deployed in the Bank to Identify and analyzing the level of threat and
potential risk to the Bank’s IS assets which may translate into losses;
·
Perform general and
application control reviews for simple to complex computer information systems.
·
Deliver the scheduled audits
as per the audit plan.
·
Perform information control
reviews of system development standards, operating procedures, system security,
programming controls, communication controls, back up and disaster recovery and
system maintenance.
·
Perform reviews of internal
control procedures and security for system under development and /or
enhancements to current systems.
·
Prepare work papers and audit
findings and ensure adequate documentation exists to support audit conclusions.
·
Follow up and offer support
on closure of audit exceptions.
·
Monitor the implementation
and operation of defined controls on an ongoing basis.
·
Communicate to auditees the
status of issue closure and number of overdue issues as per agreed closure
timelines
·
Conduct routine and adhoc
audits of new and existing systems.
·
Providing Information Systems
security consultancy services for projects undertaken by the Bank ensuring
compliance with best practice;
·
Drafting suitable audit
reports highlighting key process/ control weaknesses, non-compliance with
procedures and management policies and regulatory requirements, among others on
those areas audited.
Qualification and experience
·
University Degree in
Information Technology , Computer Science or other related field.
·
Certification in Information
System Audit (CISA) a must.
·
CPA (K), ACCA, CISM, CISSP,
CIA or an equivalent professional qualification an added advantage
·
At least 6 years working
experience in IT with at least 4 years in IS Audit in corporate organization
and has good knowledge of Banking Operations.
Skills and competencies
·
Knowledge in risk assessment
and control concept/methodologies.
·
Knowledge in audit tools
& techniques including process mapping, control identification &
analysis and design of audit tests.
·
Business process and control
knowledge
Application Deadline: 16th
November 2022