Job Description
To provide an innovative, responsive and effective value adding Information Systems Audit Services to the bank by assisting the Board and the Management in evaluating and recommending improvements in the effectiveness of enterprise risk Management, internal control systems and corporate governance.
Responsibilities
• Consistency in reviewing and giving viable recommendations on compliance requirements, optimal efficiency and cost containment with regard to information systems of the bank.
• Review of KB’s critical systems, recommendation and implementation of appropriate and adequate IT security controls to mitigate and minimize information security risks. Continuous review of controls in place to identify and close gaps and provide continuous assurance on the governance, security and robustness of the bank’s information systems
• Review robustness of the bank’s information system security and effectiveness of systems (policies, processes, procedures and tools) in escalating and investigating with IS security violations.
• Adequacy of personal competence to effectively maintain quality assurance for the bank’s information systems in a manner that consistently meets established standards or benchmarks.
• To review and assure Confidentiality, Integrity and Availability of all information resources in the bank.
• Carry out vulnerability assessments, internal and external penetration tests for all the IT systems.
• Facilitate Risk assessments for all IT resources with consistent follow up for issues closure to ensuring efficient and effective mitigation of all identified risks.
• Support the Head of Internal Audit in ensuring timely assurance on all ICT related matters to the bank’s stakeholders.
• Provide adequate assurance on the governance, controls, risk management, value for money, implementation, utilization, vendor management, revenue assurance, customer service/convenience, user support, change management, database management and data quality in all the bank’s digital channels.
• To support the internal audit department in comprehensive data analytics as a tool for effective assurance.
• Offer consulting/advisory reviews during project implementation.
• Act as the liaison person with external IS auditors/consultants during scheduled reviews
Qualifications
• University degree in Computer Science or IT
• CISA (Certified Information Systems Auditor) and or CIA (Certified Internal Auditor) qualifications will be an added advantage.
• Over 6 years working experience in a busy IT, Professional Audit firm or in General banking operations with 2 years as an IS auditor.