The Internal Auditor is accountable for executing internal audit engagements in accordance with approved audit plans and methodologies, providing assurance on the effectiveness of internal controls, risk management, and governance processes. The Internal Auditor supports the delivery of audit assignments through detailed fieldwork, documentation, and reporting, contributing to the identification of control weaknesses and process improvement opportunities.
Audit Execution and Support
- Conduct background research, compile prior audit findings, compile relevant documentation, assist with audit planning, process mapping and provide input during engagement risk discussions.
- Perform audit fieldwork in accordance with the approved audit programmes and internal methodologies.
- Perform control testing, substantive procedures, and data analysis, ensuring sufficient and appropriate audit evidence is obtained.
- Document working papers in compliance with internal standards and IIA requirements, ensuring accuracy, completeness and proper referencing.
- Identify control deficiencies, root causes and associated risk implications and document audit findings.
- Develop and maintain process flow charts and analyse risk and controls within the business processes.
- Devise a detailed plan to assess risks and controls within a particular process for review by the Senior Internal Auditor
- Plan, develop and execute comprehensive audit programmes for all audit areas as requested by the Senior Internal Auditor and approved by the Internal Audit Head
- Interact with internal and external bodies such as Risk Management, External Audit, Legal Services, Regulators, and other relevant stakeholders.
- Execute audit procedures, including identifying and defining issues, developing criteria, reviewing, and analysing evidence and documenting client processes and procedures.
- Conduct audits on the annual audit plan professionally according to IIA’s International Standards for the Professional Practice of Internal Auditing (Standards).
- Conduct assigned audit projects from initiation to the issuance of final audit reports.
- Ensure engagements are undertaken and performed with proficiency and due professional care in accordance with IIA’s International Standards for the Professional Practice of Internal Auditing (Standards) and Internal Audit Methodology.
Reporting Findings and Follow-Up
- Evaluate the adequacy and effectiveness of internal controls and provide insights and recommendations for process improvements where necessary.
- Prepare audit reports aligned with the work performed during the fieldwork, ensuring clarity and accuracy.
- Communicate audit and consulting engagement results through written reports and presentations to management.
- Present audit findings to relevant stakeholders and facilitate discussions to agree on corrective actions.
- Produce high-quality audit reports, ensuring recommendations are value-adding, practical, and implementable.
- Monitor and follow up on agreed management actions, tracking progress and updating audit systems.
- Produce periodic operational reports as required.
Stakeholder Management & Collaboration
- Build and maintain professional working relationships with internal stakeholders
- Interact with internal and external stakeholders such as Risk Management, External Audit, Legal Services, and Regulators during audit engagements.
- Share knowledge and insights gained from the audit activities with team members.
- Develop and maintain productive client, staff and management relationships through individual contacts and group meetings
Key Measurement of Outputs
- Timely and accurate execution of audit procedures in line with audit plans
- Quality and completeness of audit working papers and documentation
- Contribution to clear, accurate, and value-adding audit reports
- Effectiveness in identifying risks and control deficiencies
- Timely follow-up and tracking of audit findings, as well as updating the audit system.
- Professional stakeholder engagement and collaboration
- Adherence to audit methodology and professional standards
Minimum Qualifications
- A Bachelor’s Degree in Internal Audit or Accounting.
Minimum Experience
- A minimum of 8 years’ experience in an internal audit environment, specifically within financial services.
- Working knowledge and understanding of internal control and risk frameworks and regulations, e.g. COSO
- Demonstrated experience in internal audit processes and system analysis.
- Experience in the theory and practice of internal audit, risk identification and assessment.
- Proven ability i n performing all types of internal audits in accordance with the IIA’s International Standards for the Professional Practice of Internal Auditing (Standards)
- Proven ability to ensure all governance and compliance requirements are met to eliminate potential inappropriate and corrupt practices.
- Understanding of the governance framework of the public sector Supply Chain Management
- Strong understanding of capabilities required by the Bank to execute on strategy. Exposure to financial reporting standards (e.g. IFRS) and regulatory environments is advantageous.
- Experience in drafting audit findings and contributing to audit reports.
- Developing the ability to engage with stakeholders and support audit discussions at an operational level.
Desirable Experience
- Experience in auditing Supply chain management processes in the public sector.
- Understanding data modelling and database design fundamentals.
- Understanding Information Systems Fundamentals.
- Postgraduate qualification in Internal Audit or Accounting.
- Qualifications in Data Analytics
- Professional certification in internal auditing or equivalent (Certified Internal Auditor (CIA) and/or Certified Information Systems Auditor (CISA), CA(SA)).
- Knowledge of the relevant legislative framework, i.e. King IV, PFMA and other National Treasury and relevant legislation, etc.
- Experience in financial services and information technology audits.
TECHNICAL COMPETENCIES
Audit
- Understands internal audit standards and the procedures expected in conducting assignments.
- Contributes to the planning of specific audit assignments.
- Prepares medium-in-complexity audit reports to specified standards, including format, style and timelines with the need for minimal editorial changes.
- Provides advice and recommendations on the establishment of plans, training and/or manuals for ensuring compliance with regulations.
- Able to conduct audits in accordance with audit guidelines and departmental guidelines.
Detail Orientation
- Identifies multiple sources/approaches of information to ensure that details are addressed.
- Reviews the work of others for accuracy and thoroughness.
- Follows up to ensure tasks are completed and commitments met by others.
Solution Focus
- Identifies complex problems based on a broad range of factors, many of which are ambiguous or difficult to define.
- While remaining guided by organisational values, identifies optimal solutions, thinking first in terms of possible approaches and flexibilities in the system vs. blind adherence to rules or procedures.
- Evaluates the effectiveness and efficiency of solutions after they have been implemented and identifies needed changes.
Risk Management Policies and Procedures
- Develop innovative approaches to managing significant business risks effectively and efficiently.
- Leads implementation, execution and monitoring activities
- Advises on best solutions and foresees the impact of changes in regulations, policies and procedures for non-complex and increasingly complex business issues.
Reporting
- Designs/customises reports to meet user needs.
- Prepares complex or tailored reports, gathers information from a variety of sources, analyses and includes in a report.
- Keeps standard reports under review and proposes improvements to meet user needs.
- The KPA’s, competencies and relationships listed in this document are not exhaustive, and the incumbent will be expected to undertake additional duties within their capacity to meet the needs of business and/or the business unit.
BEHAVIOURAL COMPETENCIES
Analytical Thinking
- Analyses and interprets multiple complex causal links: several potential causes of events, several consequences of actions, or multiple-part chains of events to prioritise and develop a plan of action.
Attention to Detail
- Monitors the quality of others’ work.
- Checks to see that procedures are followed by others.
- Keeps clear, detailed records of own and/or others’ activities.
Strategic and Innovative Thinking
- Experiments with new approaches, tests scenarios, questions assumptions and challenges conventional thinking.
- Creates new concepts that are not obvious to others, leveraging internal and external sources of information, to build incremental revenue and growth opportunities.
Driving Delivery of Results
- Sets challenging goals that will have a significant impact on the business or support the organisational strategy.
- Commits significant resources and/or time to ensure that challenging goals are achieved, while also taking action to mitigate risk.
Teamwork and Cooperation
- Openly praises others who have made contributions to the group’s efforts.
- Empowers others, making them feel valued, strong and important.
- Encourages others after a setback.
Developing Others
- Gives directions or demonstrations with reasons or rationale as a training strategy.
- Gives practical support or assistance to make the job easier for the other individual.
- Asks questions, gives tests, or uses other methods to verify that others have understood the explanation or directions.
