ROLE OVERVIEW
Plan, execute, and report on risk-based audit and advisory engagements across assigned business domains applying the IIA's International Professional Practices Framework (IPPF) and the Global Internal Audit Standards, ensuring audit work is evidence-based, objective, and adds measurable value to the organisation.
ROLE DESCRIPTION
Audit Planning & Risk Assessment
Contribute to the development of the risk-based Annual Audit Plan (AAP) in alignment with the IIA IPPF, the organisation's Enterprise Risk Management (ERM) framework, and the Three Lines Mode
Prepare detailed audit planning memoranda including scope, objectives, risk and control matrices (RCMs), and resource requirements for assigned engagements.
Identify and document key risks and controls across Connectivity, Cyber Security, Cloud & Compute, and Payments domains through stakeholder interviews and process walkthrough
Audit Execution & Quality Assurance
Execute risk-based performance, compliance, financial, and IT/IS audit engagements in accordance with IIA Standards (2024 Global Internal Audit Standards), ISACA ITAF, and COSO Internal Control - Integrated Framework.
Prepare high-quality workpapers that document audit procedures, evidence obtained, findings, and conclusions in line with the department's quality assurance and improvement programme (QAIP).
Apply data analytics tools and CAATs (IDEA, ACL/Galvanize, Power BI, SQL) to improve audit coverage and identify anomalies.
Connectivity & Revenue Assurance Audit
Audit end-to-end provisioning, mediation, rating, and billing processes across fixed-line, mobile, broadband, and wholesale products to identify revenue leakage.
Review interconnect and roaming settlement processes, NNI configuration accuracy, and CDR reconciliation controls.
Assess compliance with Communications Authority of Kenya (CA) licensing conditions, Quality of Service (QoS) obligations, and consumer-protection regulations.
Reporting & Stakeholder Engagement
Draft clear, concise, and well-evidenced audit reports with root-cause analysis, risk ratings, and practical recommendations aligned to the IIA's report communication standards.
Present findings and agreed management action plans (MAPs) to process owners and senior management, facilitating constructive engagement on remediation priorities.
Engage senior management and functional heads to understand business changes, agree audit scope, resolve audit issues, and coordinate integrated assurance activities.
Manage relationships with external auditors to enable appropriate reliance and efficient assurance coverage.
Track and validate closure of audit findings, escalating overdue or re-opened issues.
Continuous Improvement & Professional Development
Keep abreast of emerging risks, regulatory developments, and audit best practices relevant to the telecommunications and fintech sectors in Kenya and across East Africa.
Actively pursue and maintain relevant professional certifications (CIA, CISA, CFE, CISM) and participate in IIA Kenya Chapter activities.
Support the function's transition to agile/continuous auditing methodologies and automation of routine audit proceÃÂâÃÂÃÂÃÂÃÂÃÂâÃÂÃÂÃÂÃÂÃÂâÃÂÃÂÃÂÃÂÃÂâÃÂÃÂÃÂÃÂÃÂâÃÂÃÂÃÂÃÂÃÂâÃÂÃÂÃÂÃÂÃÂâÃÂÃÂÃÂÃÂdures.
REGULATORY & STANDARDS ALIGNMENT
The role requires working knowledge of:
IIA Global Internal Audit Standards (2024 Edition) and the Three Lines
ModelISACA COBIT 2019 & IT Assurance Framework
(ITAF)ISO/IEC 27001:2022 - Information Security Management
SystemsCommunications Authority of Kenya (CA) - Licensing, QoS & Consumer Protection RegulationsKenya Data Protection Act, 2019 & ODPC guidancePOCAMLA - AML/CFT & Financial Reporting Centre (FRC) requirementsKenya
Revenue Authority (KRA) compliance requirementsCOSO Internal Control - Integrated Framework
QUALIFICATIONS & EXPERIENCE
Bachelor's degree Accounting, Finance, Information Technology, Computer Science, or a related field.
Professional Certifications CPA/ ACCA/ ISACA/ IIA or demonstrable progress towards certification.
Minimum 3 years' internal or external audit experience, with at least 2 years' auditing technology-intensive environments in telecommunications, fintech, banking, or a related sector.
Working knowledge of data analytics tools (IDEA, ACL, Power BI, or SQL) and audit managementsystems.
Strong written communication skills with a demonstrable ability to produce clear audit reports and workpapers.