Information Systems Internal Audit Specialist
Saturday, 31 July 2021
General Employment - Other General Employment
- Provide Organisational and IT management with guidance on IT risk management matters, particularly on application and infrastructure security.
- Responsible for developing and maintaining the IT Risk Assessment in the Audit and Risk division under the oversight of the Chief Audit Executive; including identifying areas where business units should consider additional projects and areas internal audit should focus.
- Conduct audits or lead audit teams in the performance of IT audits and reviews of systems, applications, and IT processes.
- Prepare and report results to the Chief Audit Executives and Audit Committees. These include:
- Perform pre-and post- implementation reviews of system implementations or enhancements.
- IT security audits (e.g., network, operating system, and data centre), including evaluating if security vulnerabilities are properly identified and mitigated. Coordinate the scope and performance of these reviews with business units.
- Evaluate information general computing controls and provide value-added feedback. Test compliance with those controls.
- Perform various other reviews of IT management policies and procedures such as change management, business continuity planning/ disaster recovery, and information security to ensure that controls surrounding these processes are adequate.
- Develop, build & implement tools to analyse data to improve audit efficiency and effectiveness, (including for risk assessments). Ultimately be a source for analytics that business units adopt to provide business insights or for continuous auditing.
- Conduct audits or lead audit teams in operational/financial audits.
- B Com in Financial Information Systems, B. degree in information technology, informatics or equivalent.
- Certificate for Certified Internal Auditor (CIA) and Certified Information Systems Auditor (CISA)
- ISACA membership
- CEH or CISSP will be added advantage.
- 5 years’ experience in Information Systems/IT Audits
- 3 years in Network/ Cybersecurity audits
- Project assurance audits (SDLC) will be added advantage.