ICT OFFICER GRADE II (SYSTEMS AUDITOR) - 1 POST
Employer: E-Government Agency (EGA)
Date Published: 2017-11-04 Application Deadline: 2017-11-18
JOB SUMMARY:
The primary responsibility is to ensure effective planning, execution/provisioning of audit services on IT systems hardware, software and infrastructure, including preparation of audit reports. This individual ensures that system hardware, operating systems, software, infrastructure and related procedures conform to the applicable regulatory and operational requirements. He/ She should under indirect supervision perform detailed operational evaluations and undertake control, risk management and governance assessments in relation to implemented information systems and infrastructures.
DUTIES AND RESPONSIBILITIES:
(i) Evaluate ICT, operational and business risks, functions and activities, and recommend nature, scope, direction and thrust of the proposed corrective measures;
(ii) Be involved in preparation of annual risk based audit plan in consideration of the results of the strategic and operational risks assessments;
(iii) Designs audit procedures to execute the annual audit plan in determining effectiveness of risk management, control and governance processes;
(iv) Perform general and application control examination of the computer information systems;
(v) Undertake audit engagements planning and implementing complex audit test and appropriate documentation of results;
(vi) Assist the Senior Auditor to determine audit scope and objective and accordingly develop audit work programs;
(vii) Evaluate the identified critical risks and the respective mitigation approaches.
(viii) Working with the internal audit team to advice on creating a solid information technology infrastructure and ensuring appropriate policies and procedures are in place;
(ix) Perform information control assessment to include compliance of system development standards, operating procedures, system security, programming controls, communication controls, backup and disaster recovery, and system maintenance;
(x) Evaluates the adequacy/appropriateness and timeliness of management’s response and the implemented corrective action taken on issued audit recommendations;
(xi) Prepare audit finding memoranda and appropriate working papers to ensure that adequate documentation exists to support the completed audit and conclusions;
(xii) Determine compliance with relevant laws, regulations, guidelines, policies and procedures;
(xiii) Providing ad hoc advice and guidance on operational effectiveness and efficiency;
(xiv) Undertake follow ups on audit findings and recommendations to ensure that management has taken appropriate corrective action(s);
(xv) Anticipating emerging issues through research and interviews to inform on audits to be undertaken;
(xvi) Assist and train other audit staff in the use of computerized audit techniques, and in developing methods for evaluating and analyzing computerized information systems;
(xvii) Performs other duties as assigned by the Senior Auditor.
(ii) Be involved in preparation of annual risk based audit plan in consideration of the results of the strategic and operational risks assessments;
(iii) Designs audit procedures to execute the annual audit plan in determining effectiveness of risk management, control and governance processes;
(iv) Perform general and application control examination of the computer information systems;
(v) Undertake audit engagements planning and implementing complex audit test and appropriate documentation of results;
(vi) Assist the Senior Auditor to determine audit scope and objective and accordingly develop audit work programs;
(vii) Evaluate the identified critical risks and the respective mitigation approaches.
(viii) Working with the internal audit team to advice on creating a solid information technology infrastructure and ensuring appropriate policies and procedures are in place;
(ix) Perform information control assessment to include compliance of system development standards, operating procedures, system security, programming controls, communication controls, backup and disaster recovery, and system maintenance;
(x) Evaluates the adequacy/appropriateness and timeliness of management’s response and the implemented corrective action taken on issued audit recommendations;
(xi) Prepare audit finding memoranda and appropriate working papers to ensure that adequate documentation exists to support the completed audit and conclusions;
(xii) Determine compliance with relevant laws, regulations, guidelines, policies and procedures;
(xiii) Providing ad hoc advice and guidance on operational effectiveness and efficiency;
(xiv) Undertake follow ups on audit findings and recommendations to ensure that management has taken appropriate corrective action(s);
(xv) Anticipating emerging issues through research and interviews to inform on audits to be undertaken;
(xvi) Assist and train other audit staff in the use of computerized audit techniques, and in developing methods for evaluating and analyzing computerized information systems;
(xvii) Performs other duties as assigned by the Senior Auditor.
QUALIFICATION AND EXPERIENCE:
QUALIFICATION AND EXPERIENCE
• Bachelor’s Degree either in Information Technology, Computer Science, Computer Engineering, ICT Assurance or equivalent degree from a recognized institution.
• Bachelor’s Degree either in Information Technology, Computer Science, Computer Engineering, ICT Assurance or equivalent degree from a recognized institution.
TECHNICAL QUALIFICATION:
(i) Possession of recognized auditing/information system certifications such as CISA, CISM, CISSP, CEH, and CCNA will be an added advantage;
(ii) Knowledge in Information Technology Risk Management/Governance practices;
(iii) Knowledge in Security Fundamentals (in multiple vendor / open source environments), Linux and Windows Security Administration , Replication and Mirroring- Virtual Private Networks, Network Security;
(iv) Conversant with internal control frameworks/standards such as COSO/COBIT/ ISO/IEC 27000 etc;
(v) Understanding of multiple technology domains including software development, Windows, database management, networking, and UNIX (preferred);
(vi) Understanding of information security standards, best practices for securing computer systems, and applicable laws and regulations;
(vii) A working knowledge and experience with using Computer Assisted Audit Techniques (CAATs) technologies and analytics to evaluate controls by examining relevant data;
(viii) Knowledge of risk management and internal controls in enterprise environment;
(ix) Knowledge of accounting and/or auditing practices is an added advantage.
(i) Possession of recognized auditing/information system certifications such as CISA, CISM, CISSP, CEH, and CCNA will be an added advantage;
(ii) Knowledge in Information Technology Risk Management/Governance practices;
(iii) Knowledge in Security Fundamentals (in multiple vendor / open source environments), Linux and Windows Security Administration , Replication and Mirroring- Virtual Private Networks, Network Security;
(iv) Conversant with internal control frameworks/standards such as COSO/COBIT/ ISO/IEC 27000 etc;
(v) Understanding of multiple technology domains including software development, Windows, database management, networking, and UNIX (preferred);
(vi) Understanding of information security standards, best practices for securing computer systems, and applicable laws and regulations;
(vii) A working knowledge and experience with using Computer Assisted Audit Techniques (CAATs) technologies and analytics to evaluate controls by examining relevant data;
(viii) Knowledge of risk management and internal controls in enterprise environment;
(ix) Knowledge of accounting and/or auditing practices is an added advantage.
OTHER ATTRIBUTES:
(i) Communication, management, and analytical skills with ability to navigate around and within Agency’s ICT systems and infrastructure;
(ii) Competent interpersonal skills, demonstrating the ability to lead engagements and mentor others;
(iii) Ability to work well independently or in a team and participate in departmental projects;
(iv) Ability to translate business needs and problems into viable and accepted solutions;
(v) Ability to liaise with individuals across a wide variety of operational, functional, and technical disciplines.
(i) Communication, management, and analytical skills with ability to navigate around and within Agency’s ICT systems and infrastructure;
(ii) Competent interpersonal skills, demonstrating the ability to lead engagements and mentor others;
(iii) Ability to work well independently or in a team and participate in departmental projects;
(iv) Ability to translate business needs and problems into viable and accepted solutions;
(v) Ability to liaise with individuals across a wide variety of operational, functional, and technical disciplines.
REMUNERATION: Salary Scale ATTRACTIVE REMUNIRATION PACKAGE IN
Comments
Post a Comment