Job Purpose

The overall responsibility of this role is to conduct audits of the Bank’s IT infrastructure, application systems and processes to provide assurance to the Board and Management of the integrity, availability and confidentiality of the Bank’s information through evaluation of internal controls within the information systems environment.

Key Responsibilities

Financial

• Execute a risk-based IT Audit plan in line with the IT Audit Strategy and in accordance with applicable IT Audit and Assurance Standards.
• Carry out value for money reviews by evaluating the business case for the proposed investments in information systems to determine whether they meet business objectives.

Customer & markets

• Assist in preparation of concise and informative audit reports to effectively communicate the findings and recommendations to management.
• Provide independent assessment of project status and achievement of stated objectives, as well as value addition by evaluating effectiveness of risk management on both IT and organizational aspects.

Operational & sustainability

• Develop and execute relevant information systems audit programs addressing the key risks in the Bank, proposing practical and value-added recommendations to address control 

• weaknesses and provide evidential support for findings.
• Review and evaluate the effectiveness of corrective action plans that address IT audit report findings and track the status of all action plans to completion.
• Ensure implementation of controls by following up on agreed actions and recommendations raised by external IT auditors and consultants.
• Facilitate the identification of current or emerging IT process risks and facilitate improvement efforts by advising on remedial action.

Leadership

• Driving a culture of teamwork within the audit team to ensure effectiveness in conducting audits and conformance to professional standards is always upheld

Key Relationships

Direct Reports to this Position - N/A

Customers of this Position - Internal Audit clients and other staff

Knowledge; Skills and Experience required for this Role

Job Knowledge and Experience:

• At least 5 years’ working experience in auditing information systems in an internal audit environment or in professional services firm, preferably in a financial institution.
• Understanding of a banking environment would be an added advantage.
• Working knowledge of conducting penetration testing and vulnerability assessments to assess the effectiveness of the cybersecurity controls implemented
• Knowledge of information systems, governance and security principles & practices e.g. ISO27001, COBIT and ITIL frameworks.
• Data analytics and continuous auditing skills

Education:

• Bachelor’s degree in computer science, Information Systems Management or related fields from a recognized institution.
• Professional certification in Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP). Other qualifications such as CIA, CISM, CEH, CCNA or CPA/ACCA would be an added advantage.
• Knowledge and experience in the use of computer assisted audit tools/techniques (CAATs)
• Member of ISACA.

Competencies required for this Role:

• Analytical Skills
• Delivering Results and Meeting Customer Expectations
• Writing and Reporting
• Coping with Pressures and Setbacks
• Following Instructions and Procedures
• Applying Expertise and Technology