Job Description
The Nairobi Hospital, a leading health care institution in Eastern Africa has an excellent career
opportunity for an individual who possesses a passion for excellence, strong work ethic, results
oriented and committed to continuous improvement. The successful candidate will be a team
player with the ability to effectively add value to enabling good patient outcomes and shape best
clinical and non-clinical practice in line with our Strategic Plan (2019-2024).
INFORMATION SYSTEMS AUDITOR REF: TNH/HHR/ISA/05/2023
The overall purpose of this role is to independently and objectively provide assurance regarding
the hospital’s information system confidentiality, integrity, and availability.
ROLES AND RESPONSIBILITIES
a) Report in the line of duty to the Internal Audit Manager.
b) Participate in the preparation of the annual audit plan in line with key risk areas and strategic
priorities of the hospital.
c) Review ICT polices and procedure and work instructions for adequacy.
d) Evaluate systems processes to determine efficiency, completeness and accuracy.
e) Assess entire ICT environment from application systems and business protocols to determine
whether business objectives are being attained in a secure environment.
f) Review Hospital’s hardware and software to ensure acquisition and deployment and disposal
process are in line with best practice.
g) Provide assurance on security for the entire ICT environment within the Hospital including
infrastructure.
h) Review information system application servers, backups, IT infrastructure, network to ensure
compliance to policy and best practice.
i) Monitor and report on utility of computer facilities within the hospital for continuous checks
and develop report on findings.
j) Test computer general controls within the Hospital to ensure confidentiality and access
management are well managed.
k) Carry out routine and special audit assignments as requested from time to time and develop
report on findings and recommendations that inform on action points.
l) Prepare audit reports for review and subsequent presentation to senior management and the
Board of Management.
m) Conduct integrated audit in collaboration with the operational auditors to provide assurance
of the internal environment taking into account the ICT aspect.
n) Carry out audit follow ups for assignments carried on a quarterly basis based on audit reports
recommendations and develop reports on implementation status and verify.
o) Keep abreast on latest technology and trends to provide input to mitigate emerging threats to
the Hospital; and
p) Any other responsibilities that may be assigned to the job holder by the supervisor from time
to time.
EDUCATION AND EXPERIENCE
▪ Bachelor's degree in information systems, Computer Science, Information Technology or
any other ICT related field from a recognized Institution.
▪ Certified Information Systems Auditor (CISA).
▪ Certified Internal Auditor (CIA)
▪ Certified Fraud Examiner (CFE)
▪ Must be up to date with ISACA.
▪ Member in good standing of ISACA/IIA/ACFE
▪ Minimum of 5 years relevant experience.