Internal Auditor Cyber Information Systems

Job Purpose:

Conduct Information System/ Information Technology audits as per the annual audit plan and the IIA Standards to facilitate the assessment of:

• Effectiveness and efficiency of operations.
• Reliability and integrity of financial and operational information.
• Safeguarding of Company assets.
• Compliance with laws, regulations, and internal control framework.
• The design and the operational status of internal controls and other risk mitigation measures within all business processes subject to audit
• The Enterprise Risk Management (ERM) process including Business Continuity management (BCM) process.
  

Dimensions:

Operating Budget:NANo of staff: No Direct Reports

Capital Expenditure: NAOther:NA

Key Result Areas:

• Actively participate in the periodic risk assessment of corporate business processes in the development of strategic and annual internal audit plans to address the strategic internal audit focus.
• Recommend changes to existing processes or implementation of new processes to facilitate business process improvements.
• Explore alternatives to conventional approaches in business processes and respond with innovative solutions using research, intuition, and fresh perspectives to improve efficiency.
• Identify potential IT risks and related information system issues by applying knowledge of information technology industry trends and the present IT environment. IT risks to be captured in the risk register.
• Provide an educated opinion on the design and the operational status of internal controls and other risk mitigation measures.
• Function as an internal business consultant particularly to provide governance advice for information system and business processes.
• Identify new risks for inclusion in the corporate / department risk register.
• Take part in major IT initiatives, transformation projects review of cyber-security systems and internal controls pertaining to Information system under development.
• Plan, coordinate and manage each IT individual audit autonomously to achieve timely completion of the annual audit plan.
• Develop the audit program for the assigned audit including the objectives, potential risk, key controls etc.
• Assist the Technical and Support Internal Audit teams in the examination and analysis of records by executing the audit program for the assigned audits.
• Assist the Technical and Support Internal Audit teams in finalizing the use of audit techniques, sampling methods etc.
• Execute and / or assist in execution of assigned areas of the internal audit plan to achieve the timely completion of the assigned audit.
• Execute Cyber and IT audit engagements in accordance with the approved audit program and ensures that audit objectives have been met to support the audit conclusions.
• Assist Senior Internal auditors (Technical and Support) in finalizing IT audit observations with the relevant Auditees to ensure a collaborative audit process.
• Participate in conducting special reviews and undertake administrative duties, as directed by the CAO.
• Follow-up on the implementation status of agreed action points related to Cyber and IT on a quarterly basis with the relevant stakeholders, as directed by the CAO.
• Assist the External Auditors and Auditors from the National Audit Office (NAO) to facilitate their review of the Company's management systems and financial statements by providing requested information/reports/assistance.
• Proactively complete assigned trainings and identify the training needs for self-development to assist SIA / CAOin maintaining the adequate audit competencies in the department.
• Provide on job training to departmental trainees to facilitate their development as future Auditors.