ROLE OVERVIEW

• Plan, execute, and report on risk-based audit and advisory engagements across assigned business domains applying the IIA’s International Professional Practices Framework (IPPF) and the Global Internal Audit Standards, ensuring audit work is evidence-based, objective, and adds measurable value to the organisation.

ROLE DESCRIPTION

Audit Planning & Risk Assessment

• Contribute to the development of the risk-based Annual Audit Plan (AAP) in alignment with the IIA IPPF, the organisation’s Enterprise Risk Management (ERM) framework, and the Three Lines Mode
• Prepare detailed audit planning memoranda including scope, objectives, risk and control matrices (RCMs), and resource requirements for assigned engagements.
• Identify and document key risks and controls across Connectivity, Cyber Security, Cloud & Compute, and Payments domains through stakeholder interviews and process walkthrough

Audit Execution & Quality Assurance

• Execute risk-based performance, compliance, financial, and IT/IS audit engagements in accordance with IIA Standards (2024 Global Internal Audit Standards), ISACA ITAF, and COSO Internal Control – Integrated Framework.
• Prepare high-quality workpapers that document audit procedures, evidence obtained, findings, and conclusions in line with the department’s quality assurance and improvement programme (QAIP).
• Apply data analytics tools and CAATs (IDEA, ACL/Galvanize, Power BI, SQL) to improve audit coverage and identify anomalies.

Connectivity & Revenue Assurance Audit

• Audit end-to-end provisioning, mediation, rating, and billing processes across fixed-line, mobile, broadband, and wholesale products to identify revenue leakage.
• Review interconnect and roaming settlement processes, NNI configuration accuracy, and CDR reconciliation controls.
• Assess compliance with Communications Authority of Kenya (CA) licensing conditions, Quality of Service (QoS) obligations, and consumer-protection regulations.

Reporting & Stakeholder Engagement

• Draft clear, concise, and well-evidenced audit reports with root-cause analysis, risk ratings, and practical recommendations aligned to the IIA’s report communication standards.
• Present findings and agreed management action plans (MAPs) to process owners and senior management, facilitating constructive engagement on remediation priorities.
• Engage senior management and functional heads to understand business changes, agree audit scope, resolve audit issues, and coordinate integrated assurance activities.
• Manage relationships with external auditors to enable appropriate reliance and efficient assurance coverage.
• Track and validate closure of audit findings, escalating overdue or re-opened issues.

Continuous Improvement & Professional Development

• Keep abreast of emerging risks, regulatory developments, and audit best practices relevant to the telecommunications and fintech sectors in Kenya and across East Africa.
• Actively pursue and maintain relevant professional certifications (CIA, CISA, CFE, CISM) and participate in IIA Kenya Chapter activities.
• Support the function’s transition to agile/continuous auditing methodologies and automation of routine audit proce​​​​​​​dures.

REGULATORY & STANDARDS ALIGNMENT

The role requires working knowledge of:

• IIA Global Internal Audit Standards (2024 Edition) and the Three Lines
• ModelISACA COBIT 2019 & IT Assurance Framework
• (ITAF)ISO/IEC 27001:2022 – Information Security Management
• SystemsCommunications Authority of Kenya (CA) – Licensing, QoS & Consumer Protection RegulationsKenya Data Protection Act, 2019 & ODPC guidancePOCAMLA – AML/CFT & Financial Reporting Centre (FRC) requirementsKenya
• Revenue Authority (KRA) compliance requirementsCOSO Internal Control – Integrated Framework

QUALIFICATIONS & EXPERIENCE

• Bachelor’s degree Accounting, Finance, Information Technology, Computer Science, or a related field.
• Professional Certifications CPA/ ACCA/ ISACA/ IIA or demonstrable progress towards certification.
• Minimum 3 years’ internal or external audit experience, with at least 2 years’ auditing technology-intensive environments in telecommunications, fintech, banking, or a related sector.
• Working knowledge of data analytics tools (IDEA, ACL, Power BI, or SQL) and audit managementsystems.
• Strong written communication skills with a demonstrable ability to produce clear audit reports and workpapers.