Internal Audit Senior Specialist – IT

JOB PURPOSE

The Senior Internal auditor IT is responsible for performing professional internal auditing work on various IT audits, as part of the approved audit plan. Is responsible for the day-to-day conduct and completion of the audit. Work involves leading and conducting Applications/Network/System platform and IT general controls audits (i.e. Planning, fieldwork and reporting); providing consulting services to the bank’s management and staff; and providing input to development of the annual internal audit plan. Maintains all bank and professional ethical standards and completes all internal audit work in compliance the IIA’s International Standards for the Professional Practice of Internal Auditing, ISACA’s Information Systems auditing standards. Works under general supervision with moderate latitude for initiative and independent judgment.

JOB RESPONSIBILITIES

• Assists in identifying and evaluating the organization’s IT risk areas and provides input to the development of the Annual Audit Plan.
• Assigning audit guide sections or program steps to be performed by the staff member(s) assigned.
• Performs audit procedures, including identifying and defining issues, developing criteria, reviewing and analyzing evidence, and documenting client processes and procedures.
• Conducts interviews, reviews documents, develops and administers surveys, composes summary memos, and prepares working papers.
• Conduct data extraction, analysis and security reviews utilizing appropriate tools.
• Support audit and consulting engagements related to IT systems, processes, governance and security.
• Assesses information technology control elements to mitigate IT risks regarding the confidentiality, integrity, and availability of business information.
• Assisting in providing training, coaching, and guidance to internal audit staff in conducting audits and on other audit-related issues
• Evaluating the efforts of the staff member(s) assigned.
• Maintaining appropriate working relationships with bank staff and internal audit staff.
• Identifies, develops, and documents audit issues and recommendations using independent judgment concerning areas being reviewed.
• Monitoring the day-to-day progress on work assigned.
• Reviewing audit work papers prepared by the staff member (s) assigned to ensure satisfactory completion and initialing to evidence the review.
• Preparing personnel evaluation forms as required/requested
• Communicating audit findings to management throughout the engagement and keeping the Internal Audit
• Preparing the draft audit report, seeing that all findings are adequately supported, and determining those findings to be included in the report or those to be handled as minor findings.
• Presenting and communicating audit findings at the audit review meeting.
• Follow-up audit recommendations in order to verify that corrective actions are implemented to address concerns raised.
• Pursues professional development opportunities, including external and internal training and professional association memberships, and sharing information gained with co-workers.
• Keep abreast and follow latest developments in the internal audit function, particularly in the area of IT audit techniques.
• Develop, improve and implement internal audit processes, procedures, methodologies and working tools for conducting IT audit risk management and control activities.
• Maintain an up-to-date understanding of the Bank’s products, processes and procedures with special focus on IT emerging risks.
• Assist with providing internal control subject matter expertise for new projects, policies, procedures, or tools being implemented.
• Performing other work as assigned by audit management

QUALIFICATIONS/EXPERIENCE

Education: Bachelor’s degree in information technology, Management Information System, Computer Science, Information Security or related field.

Minimum Experience: Four (4)+ years of Internal or External IT audit Experience.

Certifications:

• CISA
• Knowledge of IT best practices and frameworks (i.e. ISO 27001, COBIT, ITIL) would be considered an advantage
• Knowledge of Data analytics and tools such as ACL
• Excellent report writing and presentation skills in English
• Experience with Audit Management Software

COMPETENCIES

• Ethical Orientation
• Analytical thinking
• Business Acumen
• International Professional Practices Framework
• Verbal and Written Communication
• Teamwork-Collaboration
• Drive for Results /Delivery
• Planning
• Leadership
• Research