Jobs Career Advice Post Job
X

Send this job to a friend

X

Did you notice an error or suspect this job is scam? Tell us.

  • Posted: Oct 31, 2024
    Deadline: Not specified
    • @gmail.com
    • @yahoo.com
    • @outlook.com
  • Sasria is a public enterprise listed under schedule 3B of the Public Finance Management Act No 1 of 1999. We are a non-life insurance company that provides coverage for damage caused by special risks such as politically motivated malicious acts, riots, strikes, terrorism and public disorders. Our journey began over 40 years ago, after becoming inspired by...
    Read more about this company

     

    IT Auditor

    Minimum Requirements

    Qualifications

    • BSc Computer Science degree or an equivalent qualification i.e., BCom/ BTech Accounting or Internal Audit
    • CISA qualification or passed CISA exam and working towards qualification 
    • ISACA membership (may also be IIA member as an addition)

    Experience

    • At least 3 years of IT audit experience in a non-life insurance company.

    Duties and Responsibilities

    • Sasria Departments or Agent Company Internal Audits

    Performs IT internal auditing work as assigned:

    • Sasria Departments and/ or Agent Companies’ IT Internal Audit divisions 
    • Provide advisory services through:
    • Audit recommendations
    • Ad hoc projects
    • Participation in Risk Management sessions (RCSAs) and provide input on where IT risk management processes and controls can be improved.

    Technical Auditing

    • Identify and evaluate the risk areas including IT audit risks in the organisation.
    • Review the adequacy and effectiveness of controls using flow charts and other methods of evaluation.
    • Develop audit programs or procedures by identifying risks and controls matrix (RACM) for the area to be audited.
    • Conduct planning and preparation of allocated audit assignments by drafting audit start letters, opening meetings, preliminary surveys, agreeing audit scope and sign-off.
    • Perform detailed reviews of IT processes and policies, Technology & infrastructure and the general control environment in accordance with the audit programmes.
    • Perform detailed reviews of Cybersecurity, Vulnerability.
    • Assessment and Penetration Testing where necessary.
    • Be knowledgeable of Technology tools (Nessus, Nmap etc) to assist in testing for IT Security audits i.e., Cybersecurity.
    • Perform ad hoc IT audits that include but not limited to UAM, Cloud Computing, Network Controls, IT Service Continuity, IT Outsourcing and Database Management.
    • Perform detailed reviews of application systems and access controls, this will include ERP systems and electronic signatures in accordance with the audit programmes.
    • Perform detailed reviews of IT project management/ programme controls in line with the audit programmes.
    • Perform reviews on System Development Life Cycle Reviews (pre- and post-implementation).
    • Perform both planned and ad-hoc cyber security reviews; utilise tools to perform vulnerability assessments and penetration testing.
    • Perform data analytics assignments including continuous auditing and monitoring reviews.
    • Perform follow-up reviews and ensure that management action plans and dates are not overdue.
    • Completion of all working papers in accordance with the IT audit methodology.
    • Conducts interviews, reviews document, develops and administers surveys, composes summary memos, and prepares working papers.
    • All findings, conclusions and recommendations are properly and sufficiently supported in working papers.
    • Communicates or assists in communicating the results of audit and consulting projects via written reports and oral presentations to 
    • management.
    • Develops and maintains productive client and staff relationships through individual contacts and group meetings.
    • Pursues professional development opportunities, including external and internal training and professional association memberships, and shares information gained with co-workers.

    Policy and procedure development

    • Provides input on improvement of strategic audit and annual plan.
    • Provides input on the improvement of the audit policy and procedure manual.

    Represents internal audit on:

    • Company project teams;
    • Internal company staff committee meetings (on request, i.e. IT Steering Committee, Transformation committee and the Health and Safety 
    • committee meetings); and
    • External assurance providers or organisations.
    • As and when required. 

    Training and support

    • Active involvement in development of own skills, through agreeing performance development plan with the IT AuditManager to improve or maintain the following skills:
    • Negotiating and problem-solvingskills.
    • Effective verbal and written communication, including active listening skills and skill in presenting findings and recommendations by audit staff.
    • Establish and maintain harmonious working relationships with co-workers, staff and external contacts.
    • Assist in supervising trainees or other assigned team members.

    Perform adhoc tasks

    • Perform any reasonable ad hoc tasks as and when required by the IT Audit Manager or the Head of Internal Audit.

    Check how your CV aligns with this job

    Method of Application

    Interested and qualified? Go to Sasria on sasria.erecruit.co to apply

    Build your CV for free. Download in different templates.

  • Send your application

    View All Vacancies at Sasria Back To Home

Subscribe to Job Alert

 

Join our happy subscribers

 
 
Send your application through

GmailGmail YahoomailYahoomail