Key Responsibilities
- Assess and evaluate the adequacy and effectiveness of internal controls, including general and application controls for IT systems.
- Perform reviews of system development standards, operating procedures, system security, programming controls, communication controls, backup and disaster recovery, and system maintenance.
- Ensure compliance with legal, regulatory, and internal policy requirements.
- Execute audit activities in line with the audit plan approved by the board audit committee.
- Lead audit entrance meetings to define objectives, scope, timelines, and required information, incorporating auditee concerns.
- Prepare audit discussion memos (ADM) with confirmed observations, root cause analysis, risk assessment, and recommendations, submitting them for supervisory review.
- Conduct closure meetings to finalize reports with auditee input and ensure action plans address identified gaps.
- Develop final reports for Chief Internal Audit review and circulation to management.
- Optimize the use of internal audit tools and systems to enhance efficiency.
- Foster collaboration by maintaining effective communication within the internal audit function and with other departments.
- Provide guidance and mentorship to colleagues and junior staff.
- Drive remediation of risk management exceptions and promote a strong risk management culture.
- Develop and execute risk-based audit plans with a focus on IT risks, cybersecurity, and emerging threats.
- Assess cybersecurity frameworks, data privacy controls, and IT governance mechanisms to ensure compliance with best practices.
- Identify and mitigate fraud risks in IT systems, including audits for irregularities, unauthorized access, or data breaches.
- Provide advisory support on IT governance, regulatory compliance, and industry standards to enhance system controls.
- Implement and optimize continuous auditing and data analytics for real-time risk monitoring.
- Evaluate IT risks associated with third-party vendors, outsourced services, and cloud computing solutions.
- Review incident response, business continuity, and disaster recovery strategies to ensure resilience against cyber threats.
- Assess risks associated with emerging technologies to ensure secure adoption and implementation.
- Collaborate with IT, compliance, and risk management teams to strengthen IT controls and governance frameworks.
- Conduct training and awareness programs on IT risk management, cybersecurity, and system security best practices.
Qualifications & Skills
- Bachelor’s degree in information technology, computer science, or a related field.
- Professional Certifications: Certified Information Systems Auditor (CISA)—highly desirable; Certified Information Security Manager (CISM); Certified Internal Auditor (CIA).
- Minimum of 5 years’ experience in IT auditing, risk management, cybersecurity, or internal controls.
- Experience in auditing ERP systems, database security, and IT infrastructure.
How to Apply:
Please follow the link provided below.
