Information Systems Auditor (Re - Advertisement)

Qualifications and Skills:

• Bachelor’s degree in information systems, Computer Science, or related field.
  
•  A master’s degree in the above field will be an added advantage.
  
•  CISA (Certified Information Systems Auditor) is essential requirement
  
•  Professional certification such as CPAK is an added advantage.
  
•  5 years’ experience in information systems auditing, preferably in the financial industry.
  
•  Strong understanding of information security principles, risk management, and IT governance.
  
•  Knowledge of regulatory requirements and standards applicable to financial institutions.
  
•  Excellent analytical, communication, and interpersonal skills.
  
•  Ability to work independently and collaboratively with cross-functional teams
  

Qualifications and Skills:

• Bachelor’s degree in information systems, Computer Science, or related field.
  
•  A master’s degree in the above field will be an added advantage.
  
•  CISA (Certified Information Systems Auditor) is essential requirement
  
•  Professional certification such as CPAK is an added advantage.
  
•  5 years’ experience in information systems auditing, preferably in the financial industry.
  
•  Strong understanding of information security principles, risk management, and IT governance.
  
•  Knowledge of regulatory requirements and standards applicable to financial institutions.
  
•  Excellent analytical, communication, and interpersonal skills.
  
•  Ability to work independently and collaboratively with cross-functional teams
  

Audit Planning and Execution:

• Develop and execute risk-based audit plans for information systems, ensuring coverage of critical areas.
  
•  Conduct thorough assessments of IT systems, applications, and infrastructure to identify potential risks and vulnerabilities.
  

Information Security Assessment:

•  Evaluate the effectiveness of information security controls and measures in place.
  
•  Conduct penetration testing and vulnerability assessments to identify and address security weaknesses.
  

Compliance Management:

•  Ensure compliance with relevant laws, regulations, and industry standards.
  
•  Keep abreast of changes in regulations and update audit procedures accordingly.
  

Internal Control Evaluation:

•  Assess the design and effectiveness of internal controls related to information systems.
  
•  Identify weaknesses in controls and recommend improvements to enhance the security posture.
  

 IT Governance and Policy Compliance:

•  Evaluate the effectiveness of IT governance structures and processes.
  
•  Review and assess adherence to IT policies, procedures, and standards.
  

Incident Response and Recovery:

•  Develop and test incident response plans to ensure the Corporation’s ability to respond to and recover from cybersecurity incidents.
  
•  Provide guidance on incident response procedures and coordinate with relevant teams.
  

Audit Reporting:

•  Prepare comprehensive audit reports detailing findings, recommendations, and action plans.
  
•  Communicate audit results to senior management and stakeholders.
  

Collaboration and Training:

•  Collaborate with IT and business units to implement audit recommendations.
  
•  Provide training and awareness programs on information security best practices.