Summary
Date Posted: Tuesday, June 15, 2021 , Base Salary: Not Disclosed

JOB DETAILS:
Generic Job Title: Information Systems Auditor
Reports to (Primary): Head of Audit
Name of Business Unit: Internal Audit
Direct Reports (administratively/functionally): Head of Audit
Functions Supported: Internal Audit Department

Job Purpose
The overall function of this position is to conduct risk assessment and audit of information systems, report on the findings to BAC through the Head of Audit and to recommend best practice. In addition, the incumbent will also participate in a financial audit when called upon.

Key Responsibilities
• Assessing the adequacy of controls employed to safeguard IS assets
• Review measures employed to ensure data security and integrity.
• Evaluating the effectiveness of controls put in place to ensure business continuity (BCP).
• Review system efficiency, effectiveness and availability.
• Review system change management to ensure adherence to policy.
• Reviews user management controls.
• Review of an adequacy of network security controls.
• Review of ICT policy and information security policy (ISP).
• Carrying out forensic audits and investigations.
• Evaluating the effectiveness and efficiency with which ICT resources are employed.
• Advising management on industrial developments relating to ICT risk.
• Assessing the Bank’s compliance with relevant laws and regulations in relation to information systems.
• Reviewing of matters of significance raised by the Risk and Compliance Department.
• Reviewing and following up on all issues related to information systems raised by the external auditor and the CBK auditors.
• Evaluating the systems established to ensure compliance with those policies, plans, procedures, laws, and regulations which could have a significant impact on the organization.
• Monitoring and evaluating ICT governance processes.
• Reporting periodically on the information system audit function’s purpose, authority, responsibility, and performance relative to its plan.
• Evaluating specific operations at the instruction of the BAC or requested by management, as appropriate.
• Reporting significant risk exposures and control issues, including fraud risks, governance issues, and other matters needed or requested by the BAC.
• Review & reporting on emerging IS risks (e.g. cyber security risk)
• ICT projects risk assessment
• Conduct quarterly vulnerability penetration test on all ICT platforms deployed by the Bank.
• Participate in financial audit assignments when called upon.

Key Relationships
• ICT department.
• Risk & Compliance Department
• Head Office – Heads of Department, Managers
• Finance Department
• Human Resources Department
• Regulators: KBA, Law enforcing agencies
• Recommend best practice with regards to information systems and outline Information system threats during audits.
• Outline vulnerabilities of the IT systems employed in the various departments.
• For budgets, and other expenses e.g. per diem
• For Employee matters
• Seeking and giving feedback; Overall information systems
• Regulatory Requirements.

Key Measurables
• Annual review of the banks information systems which will be presented in reports.
• Ensure timely discussion of a summary of findings with the relevant departments.
• Develop/Review IS audit charter.
• Develop/Review IS audit policy.
• Ensure timely submission of reports to the Head of Internal Audit.
• Come up with the annual risk based IS audit budget and audit plan.

Dimensions/Authorities
• Responsible for information systems audit.
• Support financial audit and fraud investigation.

Qualifications & Experience
• University Degree or its equivalent. IT related degree from a recognized university.
• Be a certified information systems auditor. (CISA)
• Be a certified public accountant CPA (K).
• Be a member of Information Systems Audit & Control Association (ISACA)
• Minimum 5 years working experience in Audit. 3 years of which should be dedicated to an information systems audit.
• Adequate training in report writing and data analytics
• Experience in IT fraud investigation and prevention.
• Must have no criminal records
• Experience in performance and people management.

Competencies & Attributes
• Strategic thinker, ability to see the big picture and formulate strategies for the unit that will contribute to achievement of the Bank’s overall objectives
• Performs his/her duties with minimum supervision.
• Enthusiastic, results oriented with excellent communication and presentation skills.
• A forward planner with clear focus, ardent team player, mature, reliable, and hardworking.
• Understand information security procedures.
• Excellent analytical, problem solving skills
• High levels of professionalism and professional development; is self-disciplined with a high sense of alertness.
• Honest with impeccable integrity (high ethical standards).
• Ability to grow, support and develop information systems audit talent within an internal audit department.

Work Hours: 8

Experience in Months: 60

Level of Education: Bachelor Degree

{module 312}

Job application procedure
Please click here to apply.

All Jobs

QUICK ALERT SUBSCRIPTION

{module 316}