QUALIFICATIONS AND OTHER REQUIREMENTS
Post-Graduate qualification in Information Technology or computer science ora related field from a recognized University/Institution
Honours Degree in Computer Science, Information Systems and/ or
Technology or related field.
Professional qualification of Certified Information Systems Auditor (CISA) is a
MUST
Other Professional Information Systems Audit/Security/Risk Certifications
such as CISM, CISSP, etc. will be added advantage.
Minimum of 5 years of practical experience in areas of IT Audit/Risk/Securitypreferably with a large corporate environment.
Possession of technical knowledge in Core information system domains
specifically Software development, Networking, Databases (MY SQL and MSSQL), Operating systems & Infrastructure (MS 2016 and above & UNIXrelated systems), Windows Active Directory and General Computerapplications.
Understanding of information security standards, best practices for securing
computer systems, and applicable laws and regulations
Working knowledge of ACL/ IDEA / EnCase and/or Teammate Audit Systems
is an added advantage
Provide input to the annual Information System (IS)/ Information Technology
(IT) audit plan to be included in the overall departmental Annual Audit Plan.
Develop detailed IT audit work plans, information system audit
programs/audit tests for specific engagements, audit schedules and riskassessments.
Conduct all assigned IS/ IT audits end-to-end; including planning, evaluatingand documenting the results, reporting and follow up in accordance with theannual audit plan.
Evaluate adequacy and effectiveness of IT Governance, Risk Management and
Controls for the Bureau, particularly on applications and infrastructuresecurity.
Conduct special IS/ IT project audits, including investigation of fraud and/ or
irregularities, as required,
Conduct IT security audits (e.g. network, operating system and data center),
including evaluating if security vulnerabilities are properly identified andmitigated. Coordinate the scope and performance of these reviews withdepartments and external security experts, where applicable.
Prepare clear and concise audit reports on audit findings, detect noncompliance with UNBS policies, guidelines, statutory requirements and
procedures for discussion with management, and your immediate supervisorbefore final reports are issued for corrective action.
Provide first level assurance services on system development and acquisition
process of all Information Technology Systems and modules being broughtinto the UNBS IT environment.
Conduct assessments on changed, newly added or implemented IT internal
controls
Support Internal Audit Department to optimize the use of existing CAATs (i.e.
Teammate, IDEA, EnCase and ACL Audit Exchange audit systems) such asproviding internal technical support and knowledge sharing services to allusers when necessary.
Develop and maintain productive client, staff and management relationships
through individual contacts and group meetings