Job Objectives
To provide independent assurance to management on IT General Controls.
Ensure best assurance practice in the plan and execution of IS Audit Programs.
Ensure enterprise wide compliance of business processes and operations to internal policies, procedures and documentations.
Incorporation of standard practices, principles and processes into audit programs and execution.
Review of risk related control issues and draft appriopriate remediation plans.
Understand the business environment and develop relationships with audit client in providing value added solutions and best practices implementation.
Duties & / Responsibilities
Audit Review of Database Management Systems, Enterprise Network security and Device configuration, Antivirus, Systems Patches and Log Management.
Audit Review of Software Development Life cycle, Project Management Implementation and Change Management Procedures.
Audit Review of Data Encryption Processes, Key Management Lifecycle, and Operating Systems, physical and logical security of card holder environment.
Audit Review of Active Directory, Operating Systems, Data backup and tape management.
Assess systems and general IT controls and provide practical and Value added remediation plans.
Prepare audit reports that summarize the most significant control weaknesses and resulting impact to the organization.
Participate in multiple and simultaneous riskÃÂâÃÂÃÂÃÂê Contribute to internal departmental initiatives such as trainings, departmental development initiatives and other internal projects as requested.
Effectively discuss audit issues and develop business focused controls recommendations to strengthen control lapses and weaknesses based audit while maintaining departmental quality standards. Function as part of a team or work independently when requires.
Requirements
Education:
University: First Degree(s) in Information Technology, Computer Science, or Related field. OTHERS: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or related professional certifications would be an added advantage.
Experience:
Minimum of 6- 10 yearsof experience in IT Auditing or a similar role.
Understanding of the key technology and general controls around enterprise Applications and information systems.
Candidate must possess the ability to Communicate effectively audit issues and remediation plans.
Knowledge:
Knowledge of Systems and General IT Controls.
Analytical skills to access Operational and Compliance Requirements of Application Systems and infrastructure.
Strong Data Analysis and experience with Computer Assisted Auditing Techniques.