IT Auditor

at  Vantegral Consulting

• This position supports the Internal Audit and Compliance department to achieve of providing reasonable assurance, value addition and improve organization operations as it relates to information technology.
• S/He will plan, execute, and report on the IT General Controls, Application controls, Infrastructure.
• S/He will provide consulting services to the business to improve IT operations and IT controls.

JOB QUALIFICATIONS

Academic Qualifications:

• A minimum of a Bachelor’s Degree from a recognized higher institution in a related field, such as Accounting, Finance, Computer Science, or Business.

Experience:

• A minimum of 6 years of experience in the auditing field, two of which must have been in Information Systems Auditing, Big 4 experience is an advantage.

Professional Qualification:

• Certified Information Systems Auditor (CISA) (essential), The Institute of Internal Auditor (membership), Chartered Accountant (ACA. ACCA) (optional).

• Plan audit to determine whether information systems are protected, controlled, and provide value to the organization.
• Conduct audit in accordance with IS audit standards and a risk based IS audit strategy.
• Communicate audit progress, findings, results, and recommendations to stakeholders.
• Evaluate the organization’s management of IT policies and practices.
• Evaluate the organization’s IT policies and practices for compliance with regulatory and legal requirements.
• Evaluate the organization’s ability to continue business operations.
• Conduct audit follow?up to evaluate whether risks have been sufficiently addressed.
• Evaluate the IT strategy for alignment with the organization’s strategies and objectives.
• Prepares detailed plans for performing individual audits including the identification of key risks and controls, determination of audit objectives, and development of an appropriate audit program.
• Evaluate whether IT supplier selection and contract management processes align with business requirements.
• Conduct post?implementation review of systems to determine whether project deliverables, controls, and requirements are met.
• Evaluate whether IT service management practices align with business requirements.
• Conduct periodic review of information systems and enterprise architecture.
• Evaluate IT operations to determine whether they are controlled effectively and continue to support the organization’s objectives.
• Evaluate IT maintenance practices to determine whether they are controlled effectively and continue to support the organization’s objectives.
• Evaluate physical and environmental controls to determine whether information assets are adequately safeguarded.
• Evaluate logical security controls to verify the confidentiality, integrity, and availability of information.
• Review and evaluate IT General Controls, application controls and IT Security management in accordance with ISO 27001.
• Provide recommendations and guidance on identified security and control risks.
• Perform technical security testing to identify potential threats and vulnerabilities.
• Utilize data analytics tools to streamline audit processes.
• Provide consulting services and guidance to the organization to improve the quality and control of information systems.
• Identify opportunities for process improvement in the organization’s IT policies and practices.
• Evaluate potential opportunities and threats associated with emerging technologies, regulations, and industry practices.