Job Description
Information Systems Auditor Grade 9/10 (1 Position)-UOK/ADM./3/10/23
Requirements
i. Undergraduate degree in Computer Science or IT related field from a
recognized university;
ii. Professional Qualifications in Certified Information Systems Audit (CISA) or
Certified Information Systems Management (CISM) is desirable.
iii. Three (3) years’ experience in Information Systems audit within an internal
audit function or external audit work experience specializing in Information
Systems audit from a reputable institution.
iv. Possession of qualifications such as CIA, CPA or ACCA is an added
advantage.
v. Ability to apply professional and other skills acquired in an Enterprise
Resource Planning environment.
vi. Good understanding of information systems controls and techniques for
evaluating such controls, concept of risk and risk assessment.
vii. Sufficient understanding of diverse information systems environment and
architecture, software, computer operations and systems lifecycle.
viii. Thorough understanding of business processes and of Network Security and
controls for LAN/WAN.
ix. Detailed knowledge of information systems governance and security
principles and practices.
x. Ability to gather data, compile information and prepare reports;
xi. Demonstrate deep understanding of the internal audit process, controls,
procedures and investigation techniques;
xii. Excellent communication, analytical, planning, organizational and
interpersonal skills.
Duties and Responsibilities
i. Conducting regular risk assessments in University’s Information System and
recommend measures to mitigate them;
ii. Contribute to the development of the annual Information Systems audit plan,
programmes and schedules on priority basis.
iii. Execute Information systems audit reviews based on the annual Information
Systems Audit plan;
iv. Perform audits of information systems controls including data integrity,
backup and disaster recovery, data Centre procedures, data
communication and access controls, database administration and end user
control;
v. Conduct applications systems audits to determine the completeness and
accuracy of transactions that have already been processed and the internal
controls therein.
vi. Evaluate management action and controls needed to manage risks
effectively, advise and where needed facilitate improvements;
vii. Monitor the implementation and operation of defined controls and
recommendations on an ongoing basis;
viii. Ensure that the University’s information technology is in compliance with the
University’s Policies and Procedures requirements;
ix. Assist in IT and other fraud investigations.
x. Any other duty as may be assigned by immediate supervisor.