Job Description

The Senior IT Audit role involves performing independent objective assurance and consulting services to the business that adds value to and improves the organisation's systems, operations, and risk-based controls; whilst upholding Organizations values and keeping abreast of the risks facing Organization and the changes within Organization. This includes completing the ratified IT audit plan including IT, regulatory audit projects; providing advisory services to the organisations management and employees; maintaining organisational and professional ethical standards and by conducting internal IT audit reviews. Working collaboratively, with latitude for initiative and independent judgement.Work experience

• IT Internal Audit experience in a listed company.
• Minimum of 5 years experience in an External Audit and/or corporate IT Internal Audit capacity is essential, of which 2-4 years experience in a senior role.
• Comprehensive and extensive knowledge of the IT industry, technology, and operations.
• Working experience of integrated IT risk-based auditing practices, methodologies, frameworks (COBIT, ITIL, COSO, ISO17799ISO27001, etc.), global benchmarking tools and regulations.
• Experience in the correct selection, application and combination of auditing practices, tools, and techniques to conduct operational and IT audits.
• A minimum of 4-5 years experience conducting on-site IT audit engagements.
• SAP experience is highly advantageous.
• ACL experience is advantageous.
• Ability to perform database and operating system audits.
• Ability to perform IT general controls and application controls reviews.

Education

• A qualification in B.Sc. Honours (IT/Information Systems or BCom Honours (IT/Information Systems) essential.
• CA or CIA qualification is advantageous.
• Any of the following IT management or technical certification is highly advantageous:
• ITIL Foundation Certificate;
• ITIL Manager Certificate;
• CobiT Foundation Certificate;
• CISSP;
• CISA;
• CISM; and

Key work output and accountabilities
Internal Audits and key projects

• Perform IT General Control reviews, Application Control reviews and IT Security reviews.
• Perform Business Process Analysis, defining the audit scope and creating audit programmes.
• Proactively providing input to the IT Audit Plan and suggesting changes to the IT Audit plan based on emerging risks and changes as per the agile auditing methodology.
• Execute field IT Audits ensuring that the deadlines and budgets are met.
• Compile adequate working papers, execute audit tests, conduct interviews, gather evidence, and liaise regularly with business to provide information on the progress of the work.
• Performance of audit procedures, including identifying and defining issues, developing criteria, reviewing, and analysing evidence and documenting business processes and procedures.
• Identify and analyse internal control breakdowns/deficiencies and trends and communicate these appropriately.
• Plan, execute and report on Special Projects and investigations which may be assigned from time to time.

Audit Reporting

• Prepare IT audit reports and memorandums for sign off by the Head: Group Risk, Audit and Forensic Services for presentation to the Divisional Internal Audit Committees and Organization Board Audit Committee in an independent manner.
• Communicate the results of the IT audit reports, consulting to business and special projects through written reports and oral presentations to Management.

Budget Control

• Monitor and meet the IT Internal Audit Budget.

Risk management

• Highlight risk areas and provide assurance to the business that internal controls and processes are effective and operating as intended to safeguard all Group business operations in terms of people, assets, processes, and systems.
• Monitor key result areas of the IT internal audit department and ensure compliance according to the mandate set by the Divisional Internal Audit Committees and Organization Board Audit Committee.

Quality control

• Ensure that the planning of each audit is performed according to the IIA standards and has the appropriate level of quality control to be appropriately closed.

Best practice benchmarking

• Identify and manage the risk process by providing a professional, disciplined, industry referenced and forward-thinking approach which includes:
• Play a partnership role in the risk identification and management process.
• Provide a professional, proactive, and forward-thinking approach to evaluating and improving the effectiveness of risk management, controls, compliance, and governance processes.
• Keep up to date with technological and business changes to adjust audit methods so that they are always efficient and appropriate.
• Present new audit methods at internal training sessions and share knowledge with team members to upskill the department and facilitate team building.

EQPlus Technologies