Zambia National Commercial Bank Plc
This function is responsible for performing professional internal auditing work on various IT audits, as part of the approved audit work plan, day to day conduct and completion of audit engagements. The function involves leading and conducting Applications/Network/System platform and IT general controls audits (i.e. Planning, fieldwork and reporting); providing consulting services to the bank’s management and staff; and providing input to development of the annual internal audit work plan. Maintains all bank and professional ethical standards and completes all internal audit work in compliance the IIA’s International Standards for the Professional Practice of Internal Auditing, ISACA’s Information Systems auditing standards.
Under the supervision of the Internal Audit Head – IT, the following are among the Job Key Responsibilities:
- Assists in identifying and evaluating the organization’s IT risk areas and provides input to the development of the Annual Audit Plan.
- Assigning audit guide sections or program steps to be performed by the staff member(s) assigned.
- Performs audit procedures, including identifying and defining issues, developing criteria, reviewing and analyzing evidence, and documenting client processes and procedures.
- Conducts interviews, review documents, develops and administers surveys, composes summary memos, and prepares working papers.
- Conduct data extraction, analysis and security reviews utilizing appropriate tools.
- Support audit and consulting engagements related to IT systems, processes, governance and security.
- Assesses information technology control elements to mitigate IT risks regarding the confidentiality, integrity, and availability of business information.
- Assisting in providing training, coaching, and guidance to internal audit staff in conducting audits and on other audit-related issues
- Evaluating the efforts of the staff member(s) assigned.
- Maintaining appropriate working relationships with bank staff and internal audit staff.
- Identifies, develops, and documents audit issues and recommendations using independent judgment concerning areas being reviewed.
- Monitoring the day-to-day progress on work assigned.
- Reviewing audit work papers prepared by the staff member(s) assigned to ensure satisfactory completion and initialing to evidence the review.
- Preparing personnel evaluation forms as required/requested
- Communicating audit findings to management throughout the engagement and keeping the Internal Audit Head informed on the audit status.
- Preparing the draft audit report, seeing that all findings are adequately supported, and determining those findings to be included in the report or those to be handled as minor findings.
- Presenting and communicating audit findings at the audit review meeting.
- Follow-up audit recommendations in order to verify that corrective actions are implemented to address concerns raised.
- Pursues professional development opportunities, including external and internal training and professional association memberships, and sharing information gained with co-workers.
- Keep abreast and follow latest developments in the internal audit function, particularly in the area of IT audit techniques.
- Develop, improve and implement internal audit processes, procedures, methodologies and working tools for conducting IT audit risk management and control activities.
- Maintain an up-to-date understanding of the Bank’s products, processes and procedures with special focus on IT emerging risks.
- Assist with providing internal control subject matter expertise for new projects, policies, procedures, or tools being implemented.
- Any other responsibilities or tasks as maybe assigned by management.
QUALIFICATIONS AND EXPERIENCE
- Grade 12 Certificate with Credit or above mandatory in Mathematics and English and any other three subjects
- Bachelor’s Degree in Information Technology, Management Information System, Computer Science, Information Security or related field.
- At least five (5) years of professional internal or external IT audit experience
- Should have Auditing certifications such as CISA
- Knowledge of IT best practices and frameworks (i.e. ISO 27001, COBIT, ITIL) would be considered an advantage
- Knowledge of Data analytics and tools such as ACL is an added advantage
- Experience with Audit Management Software
- Should possess high skills and experience in IT auditing.
JOB CORE COMPETENCIES
- Ethical Orientation
- International Professional Practices Framework
- Clinical and attentive to detail
- Stakeholder Management
- Analytical Skills/ Problem solving
- Self-Management / Organizational skills
- Drive for results