Background

The Information Systems Auditor is responsible for conducting audits across the Bank’s IT infrastructure, systems, and business applications. This includes evaluating complex computer applications and technological solutions to ensure compliance with the Internal Audit Department (IAD) work plan, professional IS auditing standards, and internal audit methodologies. The role supports the Bank’s risk management efforts by identifying control weaknesses and recommending improvements.

Key Responsibilities:

• Ensure adequate planning to align Information Systems (IS) audits with corporate and business objectives.
• Develop appropriate audit tests aimed at addressing identified IT risks and achieving desired audit objectives.
• Plan and perform risk based IS audits in line with the Internal Audit Methodology, processes, procedures, and timelines.
• Conduct general and application control reviews for a wide range of computer information systems, from simple to complex.
• Perform information control reviews covering system development standards, operating procedures, system security, programming controls, network and infrastructure controls, backup and disaster recovery, and system maintenance.
• Review internal control procedures and security for systems under development to ensure compliance with best practices and internal standards.
• Carry out application vulnerability assessments and penetration testing to identify and address security weaknesses.
• Prepare clear, concise, and timely audit reports detailing findings, non-compliance with policies or statutory requirements, and recommendations for improvement.
• Follow up on outstanding audit issues to ensure timely resolution and closure.
• Promote the utilization of audit tools such as Teammate, ACL, and other approved technologies to enhance audit planning, execution, data analysis, and reporting.
• Train non-IT auditors on basic IT controls and audit techniques to foster cross-functional audit capabilities.
• Perform any other duties as may be delegated or assigned by management from time to time.

Academic Qualifications:

• A minimum of bachelor’s degree in information technology, Computer Science, Information Systems,Computer Engineering Cybersecurity, or a related IT fields.

Professional Qualification:

• Professional Certifications in IT audit or security related qualification (e.g., CISA, CISM, CISSP, CRISC etc.) is an added advantage.

Work Experience:

• IT audit work experience or substantial experience from IT Operations Support or IT Development function.
• Prior IT Audit experience in a commercial banking environment or a corporate organization is preferred.
• Knowledge in Bank’s IT Policies, Procedures and Regulatory guidelines
• Knowledge in the Emerging Industry standards, Risks and trends in Cybersecurity, Data Analytics and Data Privacy and Artificial Intelligence (AI).
• Hands-on experience with audit tools such as ACL, Teammate, or data analytics platforms.
• Ability to write precise and concise reports for the attention of different stakeholders

• Ensure adequate planning to align Information Systems (IS) audits with corporate and business objectives.
• Develop appropriate audit tests aimed at addressing identified IT risks and achieving desired audit objectives.
• Plan and perform risk based IS audits in line with the Internal Audit Methodology, processes, procedures, and timelines.
• Conduct general and application control reviews for a wide range of computer information systems, from simple to complex.
• Perform information control reviews covering system development standards, operating procedures, system security, programming controls, network and infrastructure controls, backup and disaster recovery, and system maintenance.
• Review internal control procedures and security for systems under development to ensure compliance with best practices and internal standards.
• Carry out application vulnerability assessments and penetration testing to identify and address security weaknesses.
• Prepare clear, concise, and timely audit reports detailing findings, non-compliance with policies or statutory requirements, and recommendations for improvement.
• Follow up on outstanding audit issues to ensure timely resolution and closure.
• Promote the utilization of audit tools such as Teammate, ACL, and other approved technologies to enhance audit planning, execution, data analysis, and reporting.
• Train non-IT auditors on basic IT controls and audit techniques to foster cross-functional audit capabilities.
• Perform any other duties as may be delegated or assigned by management from time to time.

• Knowledge in Bank’s IT Policies, Procedures and Regulatory guidelines
• Knowledge in the Emerging Industry standards, Risks and trends in Cybersecurity, Data Analytics and Data Privacy and Artificial Intelligence (AI).
• Hands-on experience with audit tools such as ACL, Teammate, or data analytics platforms.
• Ability to write precise and concise reports for the attention of different stakeholders

• A minimum of bachelor’s degree in information technology, Computer Science, Information Systems,Computer Engineering Cybersecurity, or a related IT fields.
• Professional Certifications in IT audit or security related qualification (e.g., CISA, CISM, CISSP, CRISC etc.) is an added advantage.