IT Specialist at Discovery Limited

Reporting To-Senior Audit Manager
Level
Manager
Department
Group Internal Audit (GIA)
Key Performance Area
Tasks

• Strategic:

• Build / maintain relationships with:
  • Discovery Invest, Life, Employee Benefits, Insure, Corporate, Health, Vitality RSA, Vitality Group, Vitality Health, Vitality Life
• Attend Audit Committee meetings to present audit observations and provide feedback on the audits.
• Attend Risk Committee meetings to gather issues that can impact an audit environment.
• Facilitate the maintenance of risk profiles (inherent & residual view of IT risks).
• Challenge risk management information received from the business and provide meaningful input to management on where IT risk management processes and controls can be improved.
• Responsible for the implementation of the Internal Audit plan with regards to assigned companies / areas.
• Implement Continuous Auditing within the various Business areas.

• Technical

• Knowledgeable in:
  • Data Analytics, continuous auditing via Computer Assisted Auditing Techniques (CAATs)
  • Data Assurance
• The following would be deemed as an advantage:
  • IT General Controls
  • Application Controls
  • Technical Infrastructure
  • Project and Programme Management
  • Cyber and Information Security
• Perform Peer Quality Review Assessments.
• Perform maturity assessments based on the COBIT framework.
• Keep abreast with current trends and improve the audit methodology and approach.
• Liaison with peers on IT risk management, policies and execution strategies.

• Operational:

• Scheduling and planning of audits, assignment of staff and review resource requirements.
• Defining the purpose, scope and audit approach of each audit for assigned areas of audit coverage.
• Agree audit scope with client and provide final engagement letter to Senior Audit Manager for approval and distribution.
• Ensuring that all risks are addressed for the specific audit engagements.
• Provide feedback to Senior Audit Manager on the planning, execution and reporting of the audits.
• Request data from the client, document SQL queries, analyse data and document deficiencies identified after performing the required CAATs testing.
• Build relational data structures, including relationships between tables, grouping data, and following steps to perform analysis.
• Lead the identification of data analytics opportunities, design and execution of audit tests based on identified risks and management of data analytics staff with GIA.
• Review and sign-off of planning, working papers and reports, and where required raise review notes for the work performed by Team Leaders / Senior IT Auditors / IT Auditors / Data Analysts (pertaining to Engagement Letters, APMs, system descriptions, walkthroughs, process flow diagrams, RACM, test procedures, working papers, reports and action plans).
• Monitoring of the quality of work performed by the audit team and taking corrective action (where applicable).
• Provide training and supervision to audit team in order to ensure that that the required audit objectives are met and that adequate practical coverage is achieved.
• Assume a leadership role in enhancing the IT Audit team’s data analytics strategy, including training other members of the IT Audit department in basic data analytics techniques, raising awareness of the data analytics program with key members of Management and developing a continuous auditing program for the division.
• Assist Senior Audit Manager in developing the Audit Universe, Annual Internal Audit Plan, and the Three Year Rolling Plan.
• Monitor progress of audits against plan.
• Escalate cases where feedback is not received.
• Ultimately responsible for quality of audit files (MK or other).
• Proactively take on additional tasks as requested by Audit Manager.
• Provide meaningful input and monitor the effective and timely implementation of management actions to address any control weaknesses identified through risk profiling, risk events and control self- assessment.
• Conduct a Quality Assurance review of audit files and finalise once comfortable.
• Manage budgeted hours for each audit and report overruns to the Senior Audit Manager.
• External audit – develop and manage the relationship with external audit as it pertains to the reliance on CAATs work, data requirements and co-ordination of resources to deliver specific assurance for external audit.

• Follow-ups:

• Follow up on outstanding audit issues and management actions.
• Preparation, submission and presentation of follow-up progress reports at risk and/or audit committees.

• People Management and Development:

• Self-development: studying, attending courses and chapter meetings.
• Day to day management of the assigned audit staff members and / or consultants / contractors.
• Assist with staff development so as to increase competence and delivery of the department.
• Determine personal development plans and training needs, as well as implementing career path plans.
• Manage staff productivity by means of timesheets and cost recovery from auditees.
• Manage Team Leaders and other direct reports.
• Review feedback from management on performance of auditors (Team Leaders / Senior IT Auditors / IT Auditors / Data Analysts).
• Completion of mini-appraisals.

• Reporting:

• Drafting of engagement letters and final reports for Senior Management review.
• Review of draft observations and forwarding these to business for comment.
• Reporting to:

• Audit Committees
• Business Risk Committees
• Company Exco’s
• Management (detailed audit reports)
• CAE (where applicable)

• Preparation and submission of Risk and Audit committee reports / packs.
• Attending Audit and Risk Committee meetings, as and when required.
• Assist in periodic reporting on the status and results of the annual audit plan and the sufficiency of department resources.
• Ad-hoc reporting

General:

• Stay up-to-date with Internal Audit profession and industry developments.
• Ongoing development and improvement of audit methodology.
• Travel if required.

Qualification
The following qualifications are a requirement:

• Bachelors Degree or equivalent (and relevant) qualification (with Computer Science / Computer Auditing / Information Systems / Auditing / Data Science as majors)
• Honours / Masters (With Majors Preferably in Computer Science / Data Science)
• CISA / CISM / CRISC / CGEIT (one or more of the afore mentioned are advisable)
• SQL / ACL (or data analytics equivalent) certification

Experience

• 5+ years data analytics experience.
  • IT audit experience with a broad range of exposure to all aspects of business planning, systems analysis and application development
• At minimum, 1 year Oracle and Java experience and 5 years or more SQL Server and SQL Reporting Services experience.
• Reporting to Audit and/or Risk Committees.
• Essential knowledge:
  • Internal Controls
  • CAATS tools such as SQL, ACL.
  • Extensive PL/SQL programming language.
  • Technical knowledge and experience on Windows; Solaris; Linux; Oracle and networks.
• The following would be deemed as an advantage (and would be required for career progression):
  • Studying towards or in possession of relevant Bachelors or Honours Degree
  • Financial Services experience
  • Cyber and infrmation security
  • Application controls reviews

Competencies
Analytical Thinking Ability: ability to split a task or problem into its component parts and use these in a logical and systematic manner to reveal all the implications of the consequences of situations
Audit Management Skills: planning, prioritising audits, resources and controlling audits, take preventive and evasive action in order to meet deadlines.
Communication Skills: able to communicate clearly both verbally and in writing.
Relationships: building relationships with auditees, audit committees and external auditors.
Management Skills: Planning and prioritising the work of others. Clearly assigning responsibility for tasks and decisions. Setting clear objectives and measures. Monitor progress, process and results.
Reporting Skills: ability to consolidate information and compile reports reflecting the necessary relevant information.

EMPLOYMENT EQUITY
The Company’s approved Employment Equity Plan and Targets will be considered as part of the recruitment process. As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply.