The Job holder of this position is responsible for performing detailed evaluation of internal controls over computer and ensure that the Information Systems in place are appropriate, well utilized, and reliable and secure, while giving commensurate recommendations on areas of improvement.
Provide input for preparation of the Annual Audit plan.
Ensure adequate planning to align Information Systems Audits with corporate and business objectives.
Performing independent risk assessments of all new and existing systems (including peripheral/interfaced applications) and their attendant operating environment and infrastructure deployed in the Bank to Identify and analyzing the level of threat and potential risk to the Bank’s IS assets which may translate into losses;
Perform general and application control reviews for simple to complex computer information systems.
Deliver the scheduled audits as per the audit plan.
Perform information control reviews of system development standards, operating procedures, system security, programming controls, communication controls, back up and disaster recovery and system maintenance.
Perform reviews of internal control procedures and security for system under development and /or enhancements to current systems.
Prepare work papers and audit findings and ensure adequate documentation exists to support audit conclusions.
Follow up and offer support on closure of audit exceptions.
Monitor the implementation and operation of defined controls on an ongoing basis.
Communicate to auditees the status of issue closure and number of overdue issues as per agreed closure timelines
Conduct routine and adhoc audits of new and existing systems.
Providing Information Systems security consultancy services for projects undertaken by the Bank ensuring compliance with best practice;
Drafting suitable audit reports highlighting key process/ control weaknesses, non-compliance with procedures and management policies and regulatory requirements, among others on those areas audited.
University Degree in Information Systems or Computer Science/ IT.
Certification in Information System Audit (CISA) a must.
CPA (K), ACCA, CISM, CISSP, CIA or an equivalent professional qualification an added advantage
At least 6 years working experience in IT with at least 4 years in IS Audit in corporate organization and has good knowledge of Banking Operations.
Knowledge in risk assessment and control concept/methodologies.
Knowledge in audit tools & techniques including process mapping, control identification & analysis and design of audit tests.