Job Details

Risk Management

Job Purpose

To review and assess in collaboration with Audit Managers, the high-risk areas of the bank to give assurance that good governance practices are in place and internal controls are exercised. Provide support in ensuring the achievement of the Group Internal Audit (GIA) function mission which is to provide independent, objective assurance and consulting services that are designed to add value and improve Group operational controls. Support Group Internal Audit in accomplishing its objectives by bringing a systematic, disciplined approach to the evaluation and improvement of the effectiveness of risk management, control and governance processes.

Key Responsibilities/Accountabilities

• Understand, comply and implement the Internal Audit Strategy and contribute towards team goals and objectives.
• Contribute to development of the GIA Annual Audit Plan applying a risk-based approach.
• Understand annual key risk concerns around Information Technology as well as industry and latest trends impacting risk and control practices.
• Deliver allocated assignments within with agreed time, scope, and budget.
• Provide Business and IT management with guidance on IT risk management.
• Conduct and lead IT audits and review of systems, applications and IT processes. These include Project Assurance reviews, IT Security audits, IT General & Application Controls and review of IT policies, procedures and frameworks
• Utilise data analytics and tools to analyse data and enhance audit efficiency and effectiveness.
• Document working papers, from planning to reporting, within allocated deadlines.
• Identify and recommend areas of improvement in the control environment.
• Provide input on significant and material findings reporting.
• Perform quality and timely issue tracking, validation and reporting.
• Report or share information on emerging trends and potential solutions for addressing control weaknesses, process efficiency challenges or resolving open audit issues.
• Contribute to continuous enhancement of quality control standards and toolkits for audit assignments
• Build and foster relationships with internal audit teams and stakeholders

Minimum Qualification and Experience

• Degree in Computer Science or related discipline.
• Certified Information System Auditor (CISA).
• Additional certification e.g. CISM, CRISC; an added advantage.

Experience

• At least 2-3 years’ experience in Information Systems Audit