Assistant Manager, Information & Technology Auditor at Bank of Africa Kenya Limited

Job Purpose

To provide assurance to the Board and Management on the technology risks inherent in the various systems deployed by the bank.

Responsibilities and Accountabilities

Financial pillars contribution

1. Carry out value for money reviews by evaluating the business case for proposed and implemented investments in Information Systems to determine whether it meets its businessobjectives.
2. Recommend improvements to the processes leading to efficiency/cost saving and mitigation against revenue leakage
3. Ensure Audits are performed and completed within the planned audit period and financial budgets assigned.

Customer satisfaction feedback

1. Determine and highlight key IT audit findings for reporting to relevant stakeholders
2. Provide leadership to the audit staff.

Internal Processes/Projects

1. Lead implementation of IT Audit strategy in compliance with IT Audit standards.
2. Appraise the soundness, adequacy, application and efficiency of IT enabled controls to mitigate business risks and make recommendations to management to mitigate the risks.
3. Review of the banks IT, Digital and IT security strategy, and its alignment to the business strategy.
4. Carry out investigations as and when required.
5. Follow up on all IT audits recommendations to ensure timely implementations of controls.

Learning & Growth

1. Develop training schedule for continuous training on the area of specialization

Key Performance Indicators (at least 5)

1. Major improvements embedded from twelve IT missions.
2. Management (Audit Clients) satisfaction (Average of 2).
3. Timeliness completeness of Audit Missions within allocated time
4. 15(Fifteen) assurance engagements completed.
5. 3(Three) special engagements and strategic priority missions.
6. 90 Percent (%) of recommendations implemented.
7. Average of 40 professional training hours per auditor.
8. Staff engagement through work life balance (average leave balance of 6 days)

Minimum Requirements

1. Bachelor’s degree in information systems/Technology, computer science or related field.
2. Must be a member of Information Security Audit and Control (ISACA)
3. Qualifications in Certified Information Systems Auditor (CISA)
4. Certifications in Certified Information Security Manager (CISM), Certified in Risk and Information
5. Systems and Control, Certified Information Systems Security Professional (CRISC), Certified Public
6. Accountants (CPA-K) will be an added advantage.
7. Have at least 5 years in managing IT audit projects in a financial institution
8. Detailed knowledge of Information systems governance and security principles and practice ISO 27001, COBIT 5.
9. Detailed knowledge and practical application of ISACA’s IT standards and code of ethics for IT auditors.

Competencies and Attributes

1. Stakeholder Management: Able to identify the interests of various stakeholders, and champion positive engagements with them to achieve the coverage of approved annual audit plan.
2. Professionalism, negotiation, and Communication skills: able to engage, persuade and convince stakeholders to get desired decisions, information, and output in line with the envisioned deliverables
3. Independence and impartiality. Ability to work efficiently without external influence for independence reporting.
4. Negotiation skills. Able to understand all audit stakeholders’ opinions during the various audit’s assignments.
5. Continuous Professional Learning/Education: Mastery of auditing standards (Norms, procedures, manuals, legal and regulatory framework.
6. Interpersonal skills. Able to interact with all internal and external stakeholders effectively.
7. Teamwork: Assign work amongst different audit officers in the department for efficiency to cover the approved audit plan.
8. Relationships and working contacts
9. Internal Stakeholders: Group and all bank entities
10. External Stakeholders: Service providers
11. Work Environment
12. Office set up.