Job Purpose

• Reporting to the Head of Internal Audit, the Information Systems Auditor will be responsible for reviewing and evaluating the automated information processing systems, related non automated processes and the interfaces between them to ensure that information system controls are in place and that laid down information system policies and procedures are adhered to.

Key Responsibilities

• In charge of the Information System audit function of the Internal Audit Department.
• Develop and implement the annual Information Systems audit plan.
• Ensure that the Bank develops and maintains sound Information System policies and procedures that minimize risks without compromising efficiency.
• Assess the risks inherent in the bank’s information systems and recommend measures to mitigate them.
• Provide system investigation services whenever required.
• Evaluate the Bank’s compliance with internal information system policies, procedures and operating instructions.
• Conduct regular and surprise inspection of all procedures, policies and processes ensuring that they comply with all statutory requirements and best practice.
• Evaluate business continuity and disaster recovery including back up procedures, business continuity and disaster recovery plans, tests, sites, and usability.
• Evaluate and report on system infrastructure and life cycle management.
• Review system development, acquisition and maintenance.
• Ensure change management principles are followed.
• Provide support to other assurance processes to ensure the overall opinion incorporates the risks identified in the underlying information systems.
• Monitor the implementation & operation of defined controls and recommendations on an ongoing basis.
• Assist the Risk department with technical expertise to ensure ICT risks are well managed.

Qualifications and Competencies

• Be a holder of a bachelors degree in Computer Science or IT related field.
• Should possess professional qualification in Certified Information Systems Auditor (CISA) and/or Certified Information Security Manager (CISM).
• Possession of other Cisco certifications such as CCNA and CCSP will be added advantage.
• Should have thorough knowledge of current auditing techniques and experience of the entire audit process.
• Should possess advanced ACL skills and/or other audit skills.
• Should have a minimum of five years’ experience in information systems audit.
• Should have excellent analytical skills and great attention to detail.
• Should have strong communication and presentation skills.
• Should have broad knowledge of information systems and operations in view of the internal audit objectives.
• Should be able to work independently, meet deadlines and obtain results.