Information Systems Auditor

Madison Group Limited is a locally owned financial services holding company that specializes in Insurance and wealth management services. The Group comprises of Madison Life Assurance Kenya Limited, Madison General Insurance Kenya Limited, and Madison Investment Managers Limited. Madison Life Assurance Kenya was originally incorporated under Kenyan Laws in 1988 as Madison Insurance Company Limited (MICK) after a successful merger between Crusader Plc (1974) and Kenya Commercial Insurance Corporation.

Reporting to the Group Internal Audit Manager, the Information Systems Auditor must be a self-driven person who will be responsible for conducting information systems audits of the Group, preparing audit reports and highlighting issues relating to internal controls and risk management.

The individual must possess in-depth knowledge and capabilities to be able to execute audit assignments whilst bringing systematic approach to examine and evaluate the adequacy, effectiveness and efficiency of Group’s risk management processes, internal control systems and recommend corrective actions, improve efficiency and reduce operational costs where possible.

Responsibilities or duties

• Assist in key risk identification and assessment and in preparation of the IS audits annual Plan in liaison with the Head of Department.
• Preparing detailed IS Audit planning memoranda, audit programs and procedures for each IS audit assignment.
• Execute IS audit assignments and document well referenced working papers and evidence for each IS audit assignment in accordance with IS audit standards and best practice.
• Evaluate the adequacy and effectiveness of controls for information systems and technology processes, including those related to data protection, change management, and cyber security.
• Prepare and present written and oral reports and other technical information in a pertinent, concise, and accurate manner for distribution to management.
• Perform audit follow-up and tracking of open audit findings to ensure that audit findings are closed within the agreed timelines.
• Participate in providing quality assurance in technology acquisition, implementation and sign off the IS projects.
• Stay up to date on emerging technology and security vulnerabilities, and threats in the Information Systems landscape and provide relevant and timely advice to stakeholders where necessary.
• Collaborate with different departments to gather information and support audits.
• Recommend revisions to audit procedures to enhance efficiencies.
• Carry out any other duties that may be assigned from time to time.

Qualifications or requirements (e.g., education, skills)

Key Competencies Required

• Strong analytical skills with ability to pay attention to details;
• Ability to observe and understand business processes and derive actionable insights
• Self-driven individual with ability to work with minimum supervision;
• Good communication skills, both verbal and written;
• Team player with excellent interpersonal skills;
• Ability to maintain the highest standards of ethics, confidentiality and professionalism;
• Ability to effectively manage and deliver to strict deadlines.

Requisite Qualifications

• Bachelor’s Degree from a recognized University preferably in Computer Science, Business Information Technology or a related field.
• Professional Qualifications: Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) is required, CIA will be an added advantage;

Experience needed

• At least 2-4 years relevant experience in in internal or external audit preferably in the Insurance or the Financial services industry.
• Excellent Computer skills with hands on experience in Excel and Audit Software (e.g. ACL, Case Ware IDEA, SQL).

• Assist in key risk identification and assessment and in preparation of the IS audits annual Plan in liaison with the Head of Department.
• Preparing detailed IS Audit planning memoranda, audit programs and procedures for each IS audit assignment.
• Execute IS audit assignments and document well referenced working papers and evidence for each IS audit assignment in accordance with IS audit standards and best practice.
• Evaluate the adequacy and effectiveness of controls for information systems and technology processes, including those related to data protection, change management, and cyber security.
• Prepare and present written and oral reports and other technical information in a pertinent, concise, and accurate manner for distribution to management.
• Perform audit follow-up and tracking of open audit findings to ensure that audit findings are closed within the agreed timelines.
• Participate in providing quality assurance in technology acquisition, implementation and sign off the IS projects.
• Stay up to date on emerging technology and security vulnerabilities, and threats in the Information Systems landscape and provide relevant and timely advice to stakeholders where necessary.
• Collaborate with different departments to gather information and support audits.
• Recommend revisions to audit procedures to enhance efficiencies.
• Carry out any other duties that may be assigned from time to time.

• Strong analytical skills with ability to pay attention to details;
• Ability to observe and understand business processes and derive actionable insights
• Self-driven individual with ability to work with minimum supervision;
• Good communication skills, both verbal and written;
• Team player with excellent interpersonal skills;
• Ability to maintain the highest standards of ethics, confidentiality and professionalism;
• Ability to effectively manage and deliver to strict deadlines.
• Excellent Computer skills with hands on experience in Excel and Audit Software (e.g. ACL, Case Ware IDEA, SQL).

• Bachelor’s Degree from a recognized University preferably in Computer Science, Business Information Technology or a related field.
• Professional Qualifications: Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) is required, CIA will be an added advantage;