Information Systems Auditor

Qualification and experience

• A Bachelors degree in Information Systems, Computer Science or a related field from a recognised/accredited University.
  
• Minimum of 3 years experience in Information Systems Audit, IT Audit, Internal Audit, or a related risk assurance role.
  
• Professional certification, such as Certified Information Systems Auditor (CISA), or demonstrable progress towards certification.
  
• Strong understanding of IT General Controls (ITGCs), system development life cycle (SDLC), IT governance and risk frameworks such as COBIT, ISO 27001.
  
• Working Knowledge of information security principles, data protection, access controls, and system vulnerability assessment.
  
• Experience in using Computer-Assisted Audit Tools (CAATs) such as TeamMate, ACL, SQL Developer, or similar data analytics tools.
  
• Ability to analyse complex systems, interpret data, and assess risks across automated and manual processes.
  
• Excellent understanding of internal auditing standards, ethics, concepts and practices with the ability to communicate technical issues to non-technical stakeholders.
  

• Identify, evaluate and document information systems risks, assess the adequacy and effectiveness of associated controls and propose enhancements to improve internal controls and operational efficiency.
  
• Execute the approved annual Information Systems audit plan and support the annual IT risk assessment process.
  
• Analyse and validate system transactions, data integrity, and audit evidence using data analytics and visualisation tools such as Power BI and SQL, to identify anomalies, trends, and control weaknesses.
  
• Assess and test the adequacy and effectiveness of IT general controls, application controls, operational processes, and departmental systems, and recommend corrective actions where gaps are identified.
  
• Evaluate threats and risks to the University's information assets and ensure appropriate access controls and data protection measures are in place.
  
• Promote process improvement by recommending automation of procedures, methods, and standards to enhance productivity.
  
• Prepare and communicate audit findings through clear written reports and presentations to management.
  
• Conduct system investigations and special audits as required.
  
• Perform other audit-related duties consistent with the University’s internal audit mandate, governance structures, and professional standards or as captured in your detailed job description.