IT Auditor Full-time Job
3 weeks ago Human Resources Kigali 2 views Reference: WJxbol9NdgwJob Details
JOB PURPOSE
The IT Auditor is responsible for executing audit engagements related to information technology (IT) infrastructure, systems, applications, and processes. This role requires a deep understanding of IT risk management, security controls, and compliance requirements, along with strong analytical and communication skills. The IT Auditor works independently or as part of an audit team to assess the effectiveness of IT controls, identify potential vulnerabilities, and provide recommendations for improvement. IT Auditor should contribute in safeguarding Bank’s IT related resources and assets, reliability and integrity of information, efficient and effective operations, compliance with Bank’s polices, standards, procedure, laws and regulation.
KEY RESPONSIBILITIES
Planning and Execution of IT Audits:
Develop audit programs and procedures based on IT risk assessments, industry standards, and regulatory requirements.
Execute IT audit engagements according to established plans, timelines, and methodologies.
Conduct walkthroughs, interviews, and reviews of IT documentation, policies, and procedures.
Perform tests of IT controls to evaluate their design and effectiveness.
Gather and analyze data from IT systems, applications, and infrastructure to identify control deficiencies, vulnerabilities, and potential security risks.
Compliance Review:
Review regulatory, industry standard, and other compliance-related document and create internal documentation regarding relevant regulatory frameworks that will be followed to make sure internal procedures, systems, applications, documentation comply with applicable requirement such as compliance laws, regulations, guidelines, standards and rules to enhance integrity, quality, and consistency of operational audit processes; also advise staff about regulations.
Evaluating risk on IT System’s Lifecycle: Develop Risk Based audit plans; carry out risk management assignments in the institution on various information systems. Assess, identify and provide solution for risk to protect organization information.
Prepare accurate and concise audit work papers, findings, and recommendations.
Document audit procedures, evidence, and results in accordance with audit standards and best practices.
Communicate audit findings, observations, and recommendations to IT management and other stakeholders.
Follow-Up:
Ensure to prepare a monthly follow up audit and update records (i.e, tracking open audit observations to confirm the execution of remediation plan timely or document explanations from relevant authorities on late actions and share updates the auditees
Perform continuous assessment in IT field for making follow up action plan and discuss to immediate manager the action which have taken by auditee timely in accordance with follow-up procedures and escalate them properly when appropriate
Assist Senior Auditors to follow-up recommendations after fieldwork completion
Provide input to audit planning meetings to ensure relevant technology risks and processes are included.
Track and follow-up on the implementation of audit recommendations to ensure corrective actions are taken.
Contribute to the continuous improvement of the audit function by identifying opportunities to enhance audit processes, methodologies, and tools.
Propose potential automation opportunities for IT audits.
Carryout special investigation if required by the Department/Audit plan.
Contributes to Internal Quality Assessment activities; providing recommendation and contributing to best practices with industry professionals
Any other task as assigned by direct supervisor.
SKILLS AND COMPETENCIES
Experience: minimum of 3 years with relevant experience.
Good understanding of professional internal auditing standards, practices and methodologies, IT risks and controls frameworks, compliance requirements.
Certifications such as CISA, CISM, CISSP, or GIAC are highly desirable.
Working knowledge and experience in internal audits in bank related business and its control and operation
Strong analytical, problem-solving, and critical thinking skills.
Good reporting skills to produce and review accurate audit report
Able to demonstrate qualities to build credibility in order to gain stakeholder buy-in
Planning and organising skills; to plan work, allocate resources, ensure on time delivery and maintain control
High level of Integrity; Honesty and being fair; building trust and integrity with fellow staff and managers; protection of confidential information of the Company, suppliers and client.
Demonstrated technical capabilities to independently manage audits
Demonstrate advanced analytical capabilities in identifying fraud and other financial irregularities
Understanding of banking regulations, industry standards, and compliance requirements
Fluency in English (both written and verbal communication)
Experience: minimum of 3 years with relevant experience.
QUALIFICATIONS AND EXPERIENCE
Bachelor’s degree in information Technology, Information Security, Computer Science or related Field
Certifications such as CISA, CISM, CISSP, or GIAC are highly desirable.
