Information System Auditor at Tenwek Hospital

Reporting to the Internal Risk & Audit Manager, the Information Systems Auditor will be required to perform information systems and operations audits, both technical and end-user across the Tenwek Hospital and its outstations. He/she will undertake special investigations, provide advice to the business on a broad range of issues as and when required, and support business growth & process improvements while working closely with other departments and in line with Internal Audit Methodology, processes, procedures and time frames.

Key Responsibilities

• Utilize extensive understanding of business activities to recommend scope and objectives of assigned audits, execute audit procedures, perform detailed analysis, reach sound conclusions, and document results for assigned audit activities.
• Participate in the execution of multiple audit projects to achieve the scope, timing, and objectives of each assignment while ensuring applicable regulatory guidance is included in scope for assigned audits where applicable.
• Proactively identify risks, evaluate controls and make recommendations to improve internal control and operational effectiveness and efficiency.
• Analyze and verify transactions and representations as well as performing review of test work completed by assigned staff.
• Prepare excellent work paper documentation ensuring quality of such documentation in accordance with professional standards, as well as establishing departmental standards and deadlines.
• Recommend departmental improvements to automate procedures, methods, and standards to improve departmental efficiency, productivity and quality.
• Prepare clear and concise recommendations for correction of unsatisfactory conditions, improvements in operations, and reductions in cost and effectively gain concurrence and support for recommended control improvements.
• Facilitates the communication of audit results and special projects via written reports and oral presentations to management;
• Assist in the annual risk assessment process and generation of annual audit plan.
• Identify and analyze level of threat and potential risk to the organization’s information assets
• Ensure that access to electronically stored corporate information is adequately protected and managed appropriate to the risks
• Test adequacy and effectiveness of IS control measures and recommend corrective measures to be undertaken in areas of weakness.
• Perform special audits as and when called upon and make maximum use of Computer Assisted Audit tools e.g. ACL, IDEA etc.
• Assist in training/mentoring of staff and develop and maintain the skills, knowledge and expertise to make valuable contribution to the internal audit team.

Minimum Qualifications, Knowledge Experience& Key Competencies

• Bachelor’s degree in Information Systems or Computer Science from a recognized university.
• Professional Certification in IT, Audit, Risk and Security e.g. CISA, CIA, CISM or CISSP.
• Excellent understanding of auditing concepts and practices with a minimum of 2 years’ experience role in Systems Auditor.
• Skilled in project management and maintaining composure under pressure while meeting multiple deadlines.
• Demonstrable knowledge in risk assessment and control concepts/methodologies.
• In depth Knowledge of IT technologies (operating system, relational databases, network/mobile technologies) and including O database, Unix/Linux/Windows.
• Skilled in negotiation and conflict management to resolve problems that may arise during an audit.
• Excellent oral and written skills; a strong verbal communicator, analytical writer and able to clearly and concisely convey personal observations of processes, risks and controls.
• Excellent analytical ability both qualitative and quantitative to draw sound conclusions coupled with demonstrated knowledge and proper application of sampling techniques.
• Upholds high standards of integrity