JOB OBJECTIVE
The job holder will be responsible for conducting regular internal control assessments of the University’s Information Systems and IT Infrastructure, IT risk management matters, particularly on application and infrastructure security.
DUTIES AND RESPONSIBILITIES:
Contribute to the development of the annual risk-based audit plan and execute audit assignments as per the approved audit work plan;
Perform reviews of IT management policies and procedures such as change management, business continuity planning/ disaster recovery, backups, data integrity, database administration, end-user controls and information security to ensure that controls surrounding these processes are adequate;
Responsible for developing and maintaining the IT Risk Assessment at the University under the oversight of the Head of Internal Audit;
Conduct IT security audits (e.g. network, operating system and data center), evaluating if security vulnerabilities are properly identified and mitigated.
Assess the security, reliability, and effectiveness of IT systems, including cybersecurity measures.
Coordinate the scope and performance of these reviews with business units and external security experts.
Conduct applications systems audits to determine the completeness and accuracy of transactions that have already been processed and the internal controls therein.
Perform pre and post-implementation reviews of system implementations or enhancements.
Evaluate IT controls and test compliance with those controls.
Review the utilization of information technology and systems to test if they are strategically aligned with the overall mission and goals of the University.
Develop, build & implement tools to analyze data to improve audit efficiency and effectiveness. Provide reports to support informed decision-making and risk mitigation strategies.
Conduct follow-up reviews to ensure implementation of recommendations by the University Council, Audit Risk and Compliance Committee, and External Auditors;
Assist in IT and other fraud investigations;
Undertake consulting, investigations, governance and risk management assignments as necessary;
Preparation of audit reports for effective communication and recommendations to management;
Conduct operational / financial audits
Carry out other responsibilities as may be required by the Head of Internal Audit, Audit and Risk Committee or Management.
QUALIFICATIONS AND EXPERIENCE
Bachelor’s Degree in Information Systems, Computer Science, Business Information Technology or related area from a recognized university;
Certified Information Systems Auditor (CISA);
Certified Public Accountant II;
Proficiency in the use of Computer Aided Audit Techniques;
Proficiency in Microsoft Office Suite Application.
Proficiency in Auditing Principles and Techniques;
Knowledge of Risk Management Principles and Techniques;
At least five (5) years of relevant working experience, of which at least 2 years must be in performing Information Systems Audits.
OTHER SKILLS AND COMPETENCIES
Analytical skills
Excellent report-writing skills
Excellent communication and interpersonal skills
Attention to detail and ability to manage multiple priorities.
Advanced data analysis and interpretation skills.
Apply via :
docs.google.com
