The Information System Audit department is a function within the Audit division. The department is responsible for providing objective and independent assurance that the bank’s Information Systems are appropriate, well utilized, reliable and secure while giving commensurate recommendations on areas of improvement.
Reporting to the Senior Manager, Information Systems Audit, the Manager, Information Systems Audit will carry out Information System / Technology related audits and advisory assignments across the Group that will give objective and independent assurance that the bank’s Information Systems and ICT infrastructure are appropriate, well utilized, reliable and secure while giving commensurate recommendations on areas of improvement.
- Participate and contribute to the Technology and Information Systems risk assessment process to develop the annual Group IS audit plan.
- Plan and complete IS audit and advisory assignments involving Technology assurance in consultation with the Senior Manager, IS Audit and Head, IS Audit according to the approved Group IS audit plan within the defined timelines.
- Develop in consultation with the Senior Manager, IS Audit appropriate audit tests and programs aimed at efficiently and effectively testing Technology Assurance levels.
- Perform IT Governance, IT general and IT application control reviews on information systems and Technology environment to give assurance on the effectiveness and efficiency of the control environment, and compliance to KCB Group policies, International Standards (ISO 27001, ISO 22301, PCI DSS, NIST 800, etc.), and Regulatory requirements and guidelines.
- Perform data analytics-based audit procedures as part of IT application reviews to test the completeness, accuracy, and validity of master and transactional data using CAATs tools and submit to the continuous auditing team for subsequent automation.
- Perform ongoing project assurance and post implementation reviews on Technology related projects.
- Follow up and verify closure of IS audit issue action plans as per stakeholder engagement agreements and track to completion within agreed timelines.
- Documents the results of audit work in accordance with internal audit guidelines and the Institute of Internal Auditors (IIA) standards.
- Maintain pro-active approach to risk assessment through market intelligence, continuous engagements with stakeholders to understand business dynamics and through data analytics.
- Share knowledge, skills, and experience with team members.
For the above position, the successful applicant should meet the following criteria:
- Bachelor’s Degree in Information Technology, Electrical Engineering, Computer Science, Business, or a Related field from a university recognized by Commission for University Education.
- Must Possess CISA/CISM/CISSP or a related IT audit or IT security certification.
- Master’s degree is an added advantage
- A minimum 5 years’ experience in IT / IS Audit covering 3 years in IT Governance review, IT project assurance, and Information Systems Audit Experience.
- Must possess proficiency in performing IT governance, IT project assurance, IT general and IT application controls reviews.
- Must possess proficiency in performing data analytics using CAATs tools and SQL.
- Must possess proficiency in the use of audit management software e.g., TeamMate.
- Must possess excellent audit report writing and presentation skills.
- Must possess excellent customer service skills, strong business analytical skills, superior communication, and inter-personal skills.
- Must possess effective planning, organizing and problem-solving skills.
The above position is demanding role for which the Bank will provide a competitive remuneration package to the successful candidate. If you believe you can clearly demonstrate your abilities to meet the criteria given above, please log in to our Recruitment portal and submit your application with a detailed CV.
To be considered your application must be received by Thursday, 22nd December 2022.
Qualified candidates with disability are encouraged to apply.
Only short-listed candidates will be contacted.