Organization Name: NSSA
Reporting to the Information System Audit Manager, the successful candidate will assist in conducting appraisals of the policies, procedures, and management controls of the Authority to ensure that all the activities are properly managed to promote adequate and effective systems of internal control at reasonable cost.
Key Responsibilities
- Assisting in developing a Risk Based Annual IT Audit Plan which provides assurance of IT Governance, Information Security, Database Security, Business Continuity planning, Disaster Recovery Planning, and IT Project Governance (Pre and Post Implementation).
- Production of Information systems audit workplans, programmes and questionnaires (data collection tools)
- Formulating the audit strategy and workplan for each audit assignment
- Evaluating and recommending on the effectiveness of the information technology environment (operating systems, networks, infrastructure, billing systems, information databases, financial reporting systems and all other peripheral/ interfaced applications) including general system controls, infrastructure controls and application controls
- Identifying and assessing risk/vulnerabilities inherent in IT infrastructures and technology enabled processes and recommending controls/measures that will mitigate identified risk.
- Implementing the ICT annual audit plan, as approved, including as appropriate any special tasks or projects requested by the head to ensure the annual audit plan is effectively implemented.
- Reviewing corrective action taken by management to implement audit recommendations and draw attention to any failure to take remedial action and consequent risks accepted.
- Spearheading the use of CAAT and application of a forensic audit approach paying particular attention to cyber security. Providing training and support to financial auditors on use of CAATS.
- Develop, build and implement Audit tools (ACL, SQL, Excel queries)
- Assist in the development and implementation of the Continuous Monitoring/Computer Assisted Auditing techniques and processes (CAAT)
- Carrying out data integrity reviews on data generation, processing, reporting, archival, retrieval and destruction.
- Evaluating and recommending on the design, implementation, and monitoring of logical access controls and physical access controls to ensure the confidentiality, integrity, availability, and authorized use of information assets.
- Compiling factual, accurate and timely audit reports and attend exit and close-out meetings with management.
- Ensuring that the reports/working papers and databases are properly archived and retrievable for future references after the completion of work.
Requirements
- A Bachelor of Computer Science Degree, Bachelor of Science Information Systems Degree or Business Studies & Computer Science Degree.
- Professional qualification e.g. CISA, CISSP
- Member of ISACA or IIA
- Working knowledge of at least one data analytics software package or programming experience.
- Digital Forensics or Cyber Security qualification
- A minimum of 5 years IT auditing experience
How to Apply
Interested candidates should apply online using NSSA website (www.nssa.org.zw) on the following link: www.nssa.org.zw/careers