Internal Auditor II ( Information Systems Auditor) at Co-operative University of Kenya (CUK)

REMUNERATION:

• Basic Salary per month range: Kshs. (96,006/= - 147,805/=)
• House Allowance per month: Kshs. 47,915/=

Applicants should meet the following requirements:

• Must possess a Masters degree in Accounting/Finance/Computer Science/ Information Technology or a relevant field from an accredited/recognized institution;
• Must possess CPA Part II or equivalent;
• Must possess relevant experience as an Information Systems Auditor with exemplary performance;
• Must be a Certified Information Systems Auditor (CISA).

OR

• Must possess a Bachelor degree in Accounting/Finance/Computer Science/ Information Technology or related field from an accredited/recognized institution;
• Must possess CPA Part III Section 5 & 6 or equivalent;
• Must possess three (3) years experience as an Information Systems Auditor or equivalent at Grade 10 or comparable position with exemplary performance;
• Must be a Certified Information Systems Auditor (CISA).

OR

• Must possess CPA (K) with proof of registration or equivalent;
• Must possess three (3) years experience as an Information Systems Auditor or equivalent at Grade 10 or comparable position with exemplary performance;
• Must be a Certified Information Systems Auditor (CISA).

In addition, the applicant:

• Must possess excellent analytical skills, excellent report writing, organizational, good interpersonal relationships, time management, communication, decision-making making and problem-solving skills;
• Must demonstrate a strong understanding of information security principles, risk management and IT governance;
• Must be proficient in Audit Common Language (ACL) or other audit tools is highly desirable;
• Must demonstrate ability to manage audits independently and meet strict deadlines;
• Must have proven ability to work both independently and collaboratively with cross-functional teams;
• Must be a member of a relevant professional body;
• Must demonstrate excellent customer service skills;
• Must possess knowledge of the respective laws and regulations governing the area of specialization;
• Advanced knowledge of relevant ERP Systems;
• Possession of Additional professional certifications such as Certified Information Security Manager (CISM), Cisco Certified Network Associate (CCNA), or Certified Cloud Security Professional (CCSP) and experience in a University setup or institution for Higher learning will be an added advantage.

Duties & Responsibilities

• Develop and execute annual audit plans covering both financial and information systems audits;
• Monitor implementation of the audit plan and ensure timely completion of audit assignments;
• Assess internal controls for effectiveness, efficiency and adequacy in supporting business processes;
• Conduct risk-based audits, identify control weaknesses and recommend improvements;
• Ensure compliance with laws, regulations, internal policies, and professional audit standards;
• Perform compliance assessments against the frameworks in place;
• Review and update audit methodologies to align with evolving auditing and regulatory requirements;
• Assess the adequacy of controls in IT systems, including cybersecurity, data protection and change management;
• Review IT governance strategies, policies, procedures and contractual agreements;
• Evaluate system development, maintenance, acquisition and change management practices;
• Perform vulnerability assessments, penetration testing and assess incident response readiness;
• Monitor information systems risks and provide expert advice on mitigation and management;
• Investigate irregularities and suspected fraud to determine the nature and scope of issues;
• Analyze financial and operational data to detect inefficiencies, control deficiencies or non-compliance;
• Conduct inspections to ensure compliance with accounting procedures and statutory requirements;
• Collaborate with IT, technology services, and security teams to ensure adequate control measures are in place;
• Guide in resolving information security incidents and responding to emerging threats;
• Stay updated on developments in audit practices, information systems and cybersecurity trends;
• Prepare and communicate audit findings and recommendations to management and key stakeholders;
• Follow up on audit recommendations to ensure corrective actions are implemented effectively;
• Draft detailed audit reports highlighting control gaps and non-compliance issues;
• Assist in the preparation of files and reports for the Board Audit Committee;
• Maintain high standards of audit documentation and contribute to quality assurance processes;
• Deliver training and awareness sessions on audit and security best practices to staff;
• Support the risk management function by offering technical input on ICT-related risks;
• Contribute to policy development and participate in system planning and evaluation to ensure proper control integration;
• May be required to perform other related duties based on the CUK’s needs.