Senior IT Auditor -(IT Audit) at MTN

Mission/ Core purpose of the Job

• Reporting to the senior manager, the role carries out medium/high priority/risk internal audit work on the Technology processes and systems as assigned, in line with the audit plan and the standards and methodologies set by Internal Audit and Forensics Function. Performs analysis and monitoring on internal Technology controls and vulnerabilities, IT equipment, IT system risk management and the effectiveness of internal audit, providing recommendations on improvements in order to ensure an increasingly robust internal audit processes, which aims to reduce Technology risks and information security risks.

Key Performance Areas: Core, essential responsibilities / outputs of the position (KPA's)
The Auditor: Technology role will be accountable to achieve the following objectives:

• Assist the Senior Manager in the execution of technology systems and processes audit plans, in order to identify risks and vulnerabilities in the particular control areas and to ensure that processes and systems comply with company policies, and statutory and regulatory policies;
• Serves as an active member of the audit team directly executing medium/high priority/risk internal audits on the technology systems and processes: through analysing reports and logs, conducting system and process audits, testing, preparing database updates, providing status reports and preparing final audit reports on assignments carried out, in line with internal audit standards and methodologies;
• Ensure that audits and assessments consider the effectiveness of the control areas, such as: application controls, information security, change management/system development lifecycle, disaster recovery reviews, pre and/or post implementation review, IT project management, IT project governance, IT risk management, data migration reviews, data quality reviews, business process mapping reviews, IT acquisition and implementation reviews, information technology systems and infrastructures process and control reviews;
• Review audit reports on the technology systems and processes, ensuring execution according to plan, quality and adherence to internal audit standards, methodologies and procedures;
• Provide analysis on technology systems and processes internal audit data, identifying weaknesses in IT systems and internal policies, IT system vulnerabilities, and trends on IT systems failures, vulnerabilities, inconsistencies, weaknesses in the control areas, and reporting these to management, with recommendations on possible mitigations and enhancements;
• Assist in compiling internal audit reports for management review;
• Measure/evaluate technology systems and processes compliance to statutory and regulatory requirements and the company’s policies and procedures;
• Carry out regular, comprehensive and holistic information security and IT systems control assessments, to identify risks and areas that need focus;
• Recommend changes to IT systems and processes, based on internal policies, best practices and continuous change in available technologies;
• Keep up to date with new technology solutions to mitigate/change IT systems security vulnerabilities and provides reporting on these solutions.

 Key Deliverables

• Conduct Audits
• Reporting on Audit Outcomes
• Quantification of Values at Risk
• Coverage footprint across relevant Departments/Functions/Locations

Role Dependencies

• Active support from the Senior Manager
• Understanding of the respective technology and business contexts and the risks associated with these
• Intrafunctional collaborations with Group Risk and Compliance
• MTN policies and procedures
• Alignment of Group with Group risk management initiatives
• Skilled and experienced Suppliers/Specialists to support and safeguard functions

Job Requirements (Education, Experience and Competencies)
Education:

• Minimum 3 year Diploma
• Preferred – 4 Years Bachelor of Commerce/Bachelor of Science
• Preferred – CISA / CISSP
• Fluent in language of country with basic command of English

Experience:

• Minimum 3 years’ experience in internal audit, specifically in IT system and processes audits
• Experience in supervising others advantageous
• Experience working in a medium organization

Competencies:

• Conceptual Thinker, Problem Solver, Improvement Driver
• Culture and Change Champion, Supportive People Manager, Relationship Manager
• Results Achiever, Operationally Astute

Skills:

• Strong investigations skills – preferably in the context of Technology
• Project Management