The new NCBA has harnessed the power of both NIC and CBA to create a bank that brings together the best of both worlds from cutting edge mobile banking to good old-fashioned relationship management; from scalable business banking to financial services that grow as your business does; from best-in-class choice of products to investment solutions tailored to your specific needs.
Job Purpose Statement
The purpose of this role is to provide assurance on the Group’s information systems with respect to information technology security, functions/processes and the technology applications that support business functions, and to ensure appropriate security controls are in place to protect the Group’s assets from ICT-related risks.
The role holder will conduct independent reviews of compliance with the Group’s ICT and Information Security policies and procedures, assess the adequacy of internal control systems and the observance of regulatory requirements, and highlight exceptions or violations.
Key Accountabilities (Duties and Responsibilities)
Audit Planning 10%
- Assist in the formulation and implementation of the Information and Communication Technology audit strategy, and evaluate the standards of risk management, accuracy of the records, procedures and control activities throughout the bank’s ICT structures.
- Assess and advise on risk management and internal control systems, including review of the suitability and reliability of management information systems.
Audit Management & Execution 60%
- Develop audit tests of assigned assurance and advisory services based on the annual risk-based internal audit plan, focusing on the key critical risk areas
- Execute IS audits and participate in audits of the bank’s subsidiaries, departments, branches and processes as per the audit plans and in accordance with policies, procedures and best practice
- Design and execute audit programs or work programs for assigned assurance and advisory services by interview, observation, review processes, data analysis review and testing of the control area
- Develop and issue concise draft reports that present findings, recommendations and management response
- Prepare summary of audit results and draft audit reports summarizing the audit findings and recommendations, and work with IT management and IT risk in developing action plans.
- Follow up on audit recommendations and actions taken ensuring that they are addressed and appropriate management
Internal business processes 10%
- Review procedures and records to ensure they are in line with the Bank’s ICT strategy and objectives. Appraise policies and plans of activities for all departmental systems in use to ensure these are complementing the ICT strategy.
- Liaise with external auditors and other regulatory monitoring agencies and implement recommendations to Information systems controls and security so as to promote growth and ensure compliance with the regulatory framework.
- Provide consultancy services to project teams on IT risk, system controls and best practices.
- Participate in the bank’s Information Risk forums and provide insights on emerging risk.
Customer 10%
- Create a cordial and professional working environment for all staff to enhance individual performance and productivity.
- Develop with the assistance of the Head of Audit the annual IS audit team performance objectives, standards and targets
- Identify development and training needs and develop plans to satisfy areas identified
Learning and growth 10%
- Continuously improve knowledge and learning to remain conversant with current standards and practices within the profession.
- Enhance practice and display of professionalism in conduct of work and day to day activities.
- Adherence to professional standards and code of ethics at all times.
- Enhance knowledge skills and other competences through continuing personal development.
Job Specifications
Academic:
A University graduate, preferably in Information Systems Management (Computer Science), Business Administration or related fields
Professional:
- Qualified Certified Information Systems Auditor with relevant experience in information security knowledge areas, such as Information Systems Audit, Information Security Management and Ethical Hacking.
- CIA, CISM, and CISP are an added advantage
- Qualifications in data analysis and CAATs would be an added advantage
Desired work experience:
- At least 4 years of information system audit experience, preferably in the financial services industry.
Job Purpose Statement
The purpose of this role is to conduct audit assignments, with a view to assessing the adequacy of the internal control systems and regulatory requirements, and highlighting any exceptions or violations.
Key Accountabilities (Duties and Responsibilities)
Audit Planning 10%
- Participate and contribute in the risk assessment process for target audit areas and document results, as guided by the Assistant General Manager, Financial Risk Audit.
- Plan, scope and budget individual allocated activities to ensure completion within agreed schedule, ensuring all risks in the assigned auditable areas are fully addressed.
Audit Management & Execution 55%
- Assist to manage and align assignment resources, efforts and goals; identify and remove barriers in order to achieve optimal results.
- Prepare work papers in line with audit standards ensuring proper identification, development, and documentation of audit issues and recommendations using independent judgment.
- Draft suitable reports on the areas audited that present findings, recommendations and management responses on key control weaknesses, non-compliance with procedures and management policies and regulatory requirements, among others.
- Assist in follow up and disposal of cleared audit issues logged from previous audits.
- Guide/undertake consulting activities, as may be requested, in accordance with professional standards and provide sound advice on policies, procedures, risks and controls.
- Undertake to assist in investigation of cases of internal and external fraud, as requested.
Continuous Audits 5%
- Quarterly review of digital financials and long outstanding balances in internal suspense and holdover accounts.
Internal business processes 10%
- Strong collaboration with other lines of defence to provide integrated assurance.
- Review procedures, processes and records to ensure they are in line with the Bank objectives and appraise policies and plans of activities, departments and functions under audit review.
- Work with the external auditors and other regulatory monitoring agencies to facilitate gathering of required information.
Customer 10%
- Establish and maintain relationships with key business owners and functional departments.
- A unified view of risks and compliance to drive informed decisions.
Learning and growth 10%
- Continuously improve knowledge and learning to remain conversant with current standards and practices within the profession.
- Teamwork, coach / mentor, develop and motivate internal audit team members.
- Identify development and training needs and develop plans to satisfy areas identified.
Job Specifications
Academic:
A University graduate
Professional:
- CPA (K)/ ACCA qualifications
- Working towards CIA qualification
Desired work experience:
- At least 4 years’ experience of auditing or enterprise risk management in an external audit/banking environment.
- Good working knowledge of the TeamMate audit software and ACL Data Analytics.