Job Description
Job Purpose
Reporting to the Deputy Director, the role holder will oversee a team of auditors to provide assurance and advisory on all aspects of Information Technology for effective management of IT related risks in the Bank.
Key Duties and Responsibilities
1. Provide support and monitor implementation of the internal audit strategic plan.
2. Develop and monitor the implementation of a risk based annual audit plan with adequate coverage of IT related risks.
3. Assess the effectiveness of the IT control environment and drive improvements by identifying potential risks and ensuring prompt corrective actions.
4. Develop project assurance plans and provide pre-implementation assurance for IT projects to ensure effective management of key project risks.
5. Proactively identify emerging IT risk and assess the Bank’s mitigation measures.
6. Provide leadership and guidance to the audit team and foster a high performing culture through coaching and mentorship.
7. Drive automation and operational excellence in continuous audit and monitoring programs using technology and maintain awareness of business process owners.
8. Manage planning, execution and reporting of IT audits while maintaining thorough and high-quality results within defined audit plans and budgets.
9. Prepare and periodically update a resource plan by estimating skills and time needed to complete audits.
10. Maintain an effective internal quality assurance program to achieve conformance of internal audit practices to Global internal Audit Standards and Bank’s Internal Audit methodology.
11. Track the implementation of internal and external audit issues and maintain periodic reporting to Management and Board.
12. Develop productive relationships with process owners throughout the audit cycle and maintain a collaborative work relationship with other assurance teams to effectively plan and execute audits.
13. Supervise special audits, investigations, and/or ad-hoc projects as may be directed from time to time.
14. Manage documents, files and electronic information in an organized, efficient and secure manner.
15. Demonstrate high standards of conduct and ethics as well as ability to use appropriate judgment and discretion.
16. Perform departmental administrative and other Bankwide duties as assigned.
Qualifications
1.A Bachelor’s Degree in Computer Science, Management Information Systems, software engineering or a related technology field from a reputable university.
2.Certified Information Systems Auditor (CISA) qualification is mandatory.
3.Professional membership to the Institute of Internal Auditors (IIA) and / or Information Systems Audit and Control Association (ISACA) and in Good standing is mandatory.
4.Professional qualification(s) in any of the following is an added advantage:
-Certified Information System Security Professional (CISSP)
-Certified Information Security Manager (CISM)
-Certified Internal Auditor (CIA)
Work Experience
A Minimum of ten (10) years IT audit experience with at least five (5) years in audit management role in an organization of similar size and complexity or an established audit firm.
Competencies
Technical Competencies
1. Strong technical skills in understanding of core Information Technology processes and systems (e.g., cloud technologies, operating systems, data management, networking, systems development lifecycle, information security, cyber security, etc.)
2. Good technical skills in understanding of core IT processes and systems with audit experience across various areas of IT, including databases, operating systems and applications.
3. Strong IT skills that include experience in Computer Assisted Audit Techniques (CAATs) and banking information systems.
4. Possess advanced knowledge of network and application vulnerability assessment, IT practices, risk assessment practices, change control, data privacy, and business continuity
5. Knowledge of Internal Audit Methodology (e.g., International Professional Practices Framework (IPPF) and Committee of Sponsoring Organizations (COSO) framework.
6. Knowledge of continuous auditing and monitoring, data analytics tools and Computer Assisted Audit Techniques (CAATs).
Behavioural/ General Competencies
1. Leadership - Ability to motivate, influence and staff to act towards achieving a common goal. Create and articulate a vision, inspiring others to work towards achieving the vision and providing developmental and stretching opportunities to staff - in line with skills, abilities and experience.
2. Decision Making - Ability to go through a thought process of selecting the logical choice out of a set of options within a reasonable amount of time.
3. Professionalism, work ethic & integrity - Ability to convey the level of excellence and competence that is expected. Define, communicate and consistently exemplify the Bank’s values and ethics.
4. Collaboration and teamwork - Ability to work collaboratively within a group of people in order to achieve a common goal. Support team members to take decisions independently and take the lead in their area of expertise –
5. Accountability and professional development - Lead initiative/s or action/s towards the achievement of the department/Company-wide goals/ mission.
6. Creativity and innovation - Promote an environment that encourages creative thinking, and innovation within the ambits of existing rules/guidelines.
7. Digital mind-set - Ability to recognize the importance and impact of technology on the ways of working and integrate technology in the day-to-day job to achieve efficiency, quality and productivity in the function.
8. Risk awareness and focus - Ability to the forecast and evaluate of all forms of risks together with the identification of procedures to avoid or minimize their impact.
9. Customer focus - Establish service standards and develop strategies to ensure that the same are met.
10. Emotional Intelligence - manages emotions in a mature and composed manner as expected of a leader.
11. Highly analytical and ability to challenge status quo based on quantitative facts and impacts.