Information Systems Audit Manager

Main Purpose of the Job - (Job Summary)

As the Information Systems Audit Manager, you will be responsible for overseeing and managing the information systems audit function. Your primary focus will be on ensuring the adequacy and effectiveness of system controls, safeguarding company data, and maintaining systems integrity. You will lead a team of auditors, plan and execute audits, and provide comprehensive reports to senior management, contributing to the organization's overall security and efficiency.

Main Responsibilities 

• Managing the IS Audit team, overseeing the formulation, and execution of the IS Audit plan.
• Leading reviews of the company's information systems, internal controls, and security measures, providing recommendations for improvement.
• Reviewing the adequacy and effectiveness of internal and security controls on new information systems and system changes, offering improvement suggestions.
• Developing detailed information systems audit programs based on documented procedures for each audit assignment.
• Conducting comprehensive audit tests on all automated systems according to the approved Annual Audit Plan, discussing outcomes with line management, and proposing improvements.
• Performing pre-implementation reviews of projects involving new IT software and hardware, assessing technical viability, and recommending enhancements.
• Leading post-implementation reviews of newly installed information systems and system changes, providing improvement recommendations.
• Reviewing internal controls related to Business Continuity and Disaster Recovery Plans, proposing enhancements.
• Drafting detailed reports, including findings, implications, and recommendations, and discussing them with senior management and relevant personnel.
• Finalizing reports with findings, implications, recommendations, management comments, and implementation schedules, seeking approval from the Chief Internal Auditor.
• Managing and conducting post-implementation reviews of previous audit recommendations, reporting on implementation status.
• Ensuring the implementation of the IS Audit Plan and updating the Chief Internal Auditor periodically.
• Reviewing audit programs developed by the IS Audit Assistant for completeness.
• Reviewing audit working papers and draft reports prepared by the IS Audit Assistant.
• Managing talent within the IS Audit team, providing coaching, mentoring, development, motivation, training, and evaluations for staff members.

2 or  3 Key Deliverables (specific to this position)

• Percentage of audit recommendations implemented
• Implementation of the Annual IS Audit Plan
• Regular Reports to management through the Chief Internal Auditor 

Job Specifications

Relevant Experience

• At least 6 years of relevant experience at Manager level

Academic Qualifications

• Bachelor’s degree in computer science, Information Technology, or related field from a recognized university
• Master’s Degree is an added advantage

Professional Qualifications

• Certified Information Systems Auditor (CISA); 
• Certified Information Security Manager (CISM) or Certified Information System Security Professional (CISSP)
• Membership to a professional association  

Key Job Skills (specific to the job)

• Broad IT Expertise: Extensive knowledge of general IT operations, IT enterprise infrastructure, Networks (Local Area Network, Wide Area Network), Cybersecurity, Data Privacy, and familiarity with emerging technologies such as Cloud Computing.
• Operating Systems and Databases: Proficiency in operating systems like MS Windows, relational databases like MS SQL and Oracle, and Linux, enabling effective evaluation of system controls.
• Network and Mobile Technologies: In-depth understanding of network and mobile technologies to assess security measures and risks associated with these components.
• Strong understanding of information security, IT governance, risk management, and compliance frameworks (e.g., COBIT, ISO 27001, NIST, Data Protection).
• Familiarity with auditing tools and techniques for assessing system controls and security measures.
• IT Governance and Project Management: Familiarity with frameworks, principles, practices, and techniques related to IT operations, governance, cybersecurity, and project management to ensure alignment with best practices.
• Data Analytics: Experience with data analytics software, such as Caseware IDEA, to conduct data-driven audits and enhance the effectiveness of audit procedures.
• Auditing Concepts: Understanding of auditing concepts and practices as prescribed in the audit profession, allowing for comprehensive and compliant audit processes.
• Report Writing: Excellent report writing skills to communicate audit findings, implications, and recommendations clearly and concisely to relevant stakeholders.
• Team Leadership: Strong leadership and supervision skills to manage and motivate the IS Audit team effectively.
• Interpersonal and Communication: Excellent interpersonal skills and communication abilities to interact with team members, stakeholders, and senior management effectively.
• Stakeholder Management: Proven ability to manage relationships with various stakeholders, ensuring effective collaboration and understanding of audit objectives and outcomes