Systems Auditor at Tower Sacco

JOB DESCRIPTION

The Systems Auditor is responsible for execution of internal audits covering all aspects of business process; assessing risks on information systems, business operations and evaluating internal controls to provide an independent appraisal of internal control environment across the Organization.

Duties

• In charge of the Information System audit function of the Internal Audit Department.
• Develop and implement the annual Information Systems audit plan in liaison with the Head of Internal Audit.
• Ensure that the SACCO develops and maintains sound Information System policies and procedures that minimize risks without compromising efficiency.
• Provide support to the Head of Internal Audit in coordinating the affairs of the Audit committee including providing information required for preparation of monthly and quarterly board reports.
• Assess the risks inherent in the SACCO’s information systems and recommend measures to mitigate them.
• Provide system special audits and investigations as and whenever required.
• Evaluate the compliance with internal information system policies, procedures and operating instructions.
• Perform audit follow up and tracking of open audit findings to ensure that audit findings are closed within the agreed timelines.
• Evaluate business continuity and disaster recovery including back up procedures, business continuity and disaster recovery plans, tests, sites, and usability.
• Evaluate and report on system infrastructure and life cycle management.
• Review system development, acquisition and maintenance.
• Recommend to the Head of Internal Audit revisions to audit procedures or improvements to enhance efficiencies.
• Participate in the execution of multiple audit projects to achieve the scope, timing, and objectives of each assignment while ensuring applicable regulatory guidance is included in the scope for assigned audits where applicable.
• Monitor the implementation & operation of defined controls and recommendations on an ongoing basis.
• Any other duty that may be assigned by the Head of Internal Audit, the CEO or any authorized officer.

Background Requirements

• Should have thorough knowledge of current auditing techniques and experience of the entire audit process.
• Should possess advanced Audit Command Language skills and/or other audit skills.
• Should have strong business and financial analytical skills.
• Should have excellent interpersonal, communication and presentation skills.
• Should have broad knowledge of information systems and operations in view of the internal audit objectives.
• Should be able to work independently, meet deadlines and obtain results.

Preferred Qualifications

Formal Qualifications

• Be a holder of a bachelor’s degree in Computer Science or IT related field.
• Should possess professional certification in Information Technology Audit, Risk or Security such as: Certified Information Systems Auditor (CISA) and/or Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP) or Certified in Risk and Information Systems Control (CRISC) and Certified Public Accountant (CPA).
• Possession of other Cisco certifications such as CCNA and CCSP will be added advantage.
• Excellent understanding of auditing concepts and practices with a minimum of three year’s experience in a management role in information Technology and operations or Information Technology and operation audit.
• KCSE (C Plain) with C (plain) in English.

Person Specifications

• Be of exemplary integrity.
• Below 35 years of age.