Responsible for developing and leading audit, due diligence and special review capabilities within Information Systems Audit section of Internal Audit Department in accordance with IS Audit standards, guidelines and best practices
- Ensure that audit, due diligence and special review services in Information Systems/Technology areas are provided following a Risk Based Audit approach in accordance with IS Audit Standards, guidelines, best practices and other relevant laws, policies and procedures maintaining independence, objectivity and confidentiality at all times.
- Assist in providing independent, objective assurance and consulting service in IT related activities by taking a prominent leadership role in promoting improvements to IT risk management, control and governance process and adding value through a systematic disciplined and focused audit approach.
- Develop Information System audit, review and finalize IS Audit Reports for Director of Internal Audit's review before submission to executive management and the Audit Committee.
- Interact and build good working relationships with departmental heads and other stakeholders in order to coordinate effective performance of audits.
- Review Information System risk assessment based on a standard/methodology to identify potential threat, vulnerabilities and their impact on business and likelihood of occurrence and accordingly develop audit procedures to verify controls and make recommendations to mitigate such risks.
- Review/monitor the audits of IT infrastructure such as computer networks, operating systems, security, IT organisation general controls, Enterprise Business Applications, ERP and other support systems to ensure system confidentiality, integrity, availability, efficiency, effectiveness and compliance with appropriate regulations in providing service to corporation.
- Review new information systems and major modifications to existing systems to ascertain/ensure that controls are adequate, effective, efficient, business requirements are met and compliant with policies and procedures.
- Review information system compliance audit such as Information Security & Privacy, Business Continuity Plan, compliance to laws and regulation to ensure Corporation's interest are protected and business goals are achieved.
- Review and appraise the reliability of accounting & operational data produced by the Information Systems to check its relevance with management requirements and established policies and procedures.
- Oversee the review and finalization of information system audit deliverables such as updated audit programs, scope, information requirements and questionnaires and ensure that all reports and working papers are of required standard and supported by adequate audit evidences.
- Prepare reports on all audit activities, findings, and progress in implementing agreed recommendations and overall assessment of control environment.
- Research and review information system audit literature, research papers, standards and telecom standards in order to improve IS Audit methodology, procedures and techniques.
- Identify training and development needs of IS Audit staff and provide professional direction, guidance and assistance as appropriate and promote team building and culture of knowledge/information sharing and effective relationships throughout the Internal Audit Department.
- Conduct investigations, special reviews of matters of confidential nature including following up discreetly on fraud or misappropriation
- Performing any other duties as directed by Director, Internal Audit.
- First degree in a relevant discipline from a recognized university.
Experience,Skills & Competencies
- Six (6) to Eight (8) years work experience
- Professional auditing qualification CISA in Information Systems.
- IT Security/Information and Application Protection
- Internal Audit/Control
- Passion for Excellence
- Empowering people
- Growing people
- Team work
- Customer Focus