The role of the IT Internal Auditor within the organisation is to conduct internal audits and assess IT governance processes, aiming to pinpoint and address areas of risk and non-compliance. Reporting directly to the Head of Internal Audit, the IT Internal Auditor plays a crucial role in evaluating the adequacy and effectiveness of IT-related internal controls, risk management practices, and governance processes within the group.
This position is instrumental in providing insights into the overall state of IT-related controls and processes, contributing to the organization's efforts to ensure robust risk management and compliance practices.
Key qualification and experience required for the IT Internal Auditor:
- Completion of Grade 12 or equivalent (Required).
- Bachelor's degree in Commerce, Internal Auditing, Computer Science, Informatics, or equivalent qualification (Required).
- Minimum 5 years of experience as an IT Internal Auditor, with at least 2 years at a senior level (Required).
- Demonstrated experience in recommending effective IT controls, frameworks, and best practices (Required).
- Proficiency in data analytics (Required).
- Certification as a Certified Information Systems Auditor (CISA) (Preferred).
- Familiarity with IT threats, vulnerabilities, and risks.
- Understanding of COBIT, ITIL, and NIST Frameworks.
- Knowledgeable about ISO27001.
- Understanding of project methodologies and involvement in project phases.
- Familiarity with Internal Audit principles and IIA/ISACA standards.
- Contribute to the formulation of the IT risk-based audit plan and strategy.
- Gain a comprehensive understanding of the organization's IT landscape, including business operations, system risks, processes, and policies.
- Evaluate various IT controls such as application controls, access security, change control, and IT service management.
- Cultivate and maintain relationships with IT stakeholders.
- Conduct IT risk analysis and develop audit plans tailored to business processes and systems.
- Execute audits in accordance with IIA/ISACA standards, IT frameworks, and internal audit methodologies.
- Identify deficiencies in IT controls and governance processes, offering recommendations for improvement.
- Collaborate with management to address audit findings and ensure corrective actions are implemented.
- Provide assurance and guidance on IT projects and system development phases.
- Utilize data analytics for audit purposes or continuous monitoring.
- Safeguard organizational assets against fraud and theft, integrating fraud prevention measures into audit procedures.
- Support investigations related to IT fraud incidents.
- Advise management on implementing IT internal controls to mitigate fraud and asset theft risks.
- Assist in the IT group's risk management process.
- Ensure compliance with governance procedures, escalating instances of non-compliance.
- Maintain audit working papers in accordance with internal audit methodologies.
- Prepare comprehensive internal audit reports adhering to IIA standards and methodologies.
- Prepare reports for Audit Committee meetings.
- Manage the IT audit plan and ensure timely completion of audit activities.
- Engage in continuous professional development to enhance audit skills and knowledge.
- Proficient in computer usage, particularly with MS Office applications.
- Excellent verbal and written communication abilities.
- Well-organized with a keen attention to detail, committed to delivering high-quality work.
- Assertive approach in dealing with tasks and challenges.
- Strong analytical skills, coupled with the ability to interpret complex information.
- Proficient in conducting research and utilizing data mining and analytics techniques.
- Stay informed about the latest IT risks and trends.
- Familiarity with ACL (Audit Command Language) software.