Information Systems Auditor
Description:
Wananchi Group (K) Ltd Job Title: Information Systems Auditor Department: Finance Location: Nairobi Employment Status / Type: Full time Position Reporting to: Group Auditor Manages Others: No Titles & Number of Positions Managed: None Job Purpose / Summary: You will be responsible for conducting Information systems audit reviews from planning to reporting with minimal supervision.
You will also work closely with engagement clients to ensure audit recommendations from internal, external audits and other assurance providers are promptly implemented.
You will monitor Information System risks and work with other departments to continuously improve business processes whilst ensuring best practices in internal controls.
Key Roles: Responsible for Information System audit function of the Internal Audit Department.
Participate in development and implementation of the annual Information Systems audit plan.
Review IT policies and procedures and standard operating procedures to identify control weaknesses requiring attention.
Review the group’s IT hardware and software assets to ensure adequate protection and assess that asset lifecycle management are in line with best practice and policies.
Test and assess network and system vulnerabilities and recommend controls and strategies to protect the network and IT infrastructure.
Evaluate information system applications, server’s, business continuity and disaster recovery including back up procedures.
Review IT general controls to ensure information integrity and confidentiality and assess that access management is well managed.
Assess IT and Network infrastructure exposure to cyber risks and recommend controls on the IT infrastructure and Provide recommendations to strengthen IT governance, cybersecurity, emerging technology risks and regulatory compliance.
Advise management and staff on various operational issues related to information systems security and best practices.
Execute system investigation as and whenever required.
Evaluate whether change management processes are defined and implemented to business needs.
Stay updated on the latest technology and trends to provide input to mitigate emerging threats to the group.
Cvs can be shared at