Purpose
To execute and deliver the approved IT audit plan in compliance with the MIA methodology and charter.
Minimum Qualification and Experience
At least 3-year degree in Auditing or Information Technology
-
CISA/ CIA Certification or related post graduate qualification
-
4 - 6 years or more IT audit experience with 1 – 2 years in supervisory capacity
Job Objectives
-
To plan, execute, and report on the approved audit plans for relatively more complex audits as per the MIA methodology and charter.
-
Assist in the development of the 3-year rolling audit plan and detailed annual IT Audit plan based on the strategic and operational IT risks within the Group.
-
Perform audits across areas such as:
-
ITGCs (access, change, operations)
-
IT systems and applications
-
Cybersecurity and cloud (where applicable)
-
Compliance with GIA methodology, effective utilisation of time, adherence to objectives and scope
-
Coordinated and effective audits and quality working papers
-
Provide guidance to Divisional Audit Management on IT related activities
-
Take responsibility to all IT audit presentation at EXCO
-
Manage work within the allocated time
-
Conduct fieldwork, testing, and documentation
-
Ensure compliance with MIA / GIA methodology
-
Prepare clear, accurate working papers and audit evidence
-
Identify control weaknesses and raise audit findings
-
Assist in drafting audit reports
-
Manage own work to meet allocated timelines and budgets
-
Build and maintain relationships with auditees
-
Stay updated on IT trends and risks
-
Assist in planning audits by contributing to:
-
Risk assessment
-
Scope definition
-
Audit program development
Job Outputs – Roles and Responsibilities
Process Governance
Activities
-
Execute audit procedures and testing in accordance with approved audit programs and the Internal Audit methodology.
-
Participate in audit planning activities, including understanding business processes, identifying risks, and documenting process information.
-
Prepare and maintain audit working papers that adequately support audit procedures performed, results obtained, and conclusions reached.
-
Gather, analyze, and evaluate information to assess the adequacy and effectiveness of IT controls and related processes.
-
Identify control weaknesses, risk exposures, and opportunities for improvement, and communicate these to senior team members.
-
Assist in the development of audit observations, findings, recommendations, and draft report content.
-
Attend meetings, interviews, and walkthroughs with stakeholders as required during audit engagements.
-
Maintain regular communication with audit seniors and managers regarding audit progress, challenges, and emerging risks.
-
Ensure compliance with Internal Audit Standards, departmental methodologies, policies, and quality assurance requirements.
-
Apply a risk-based approach when performing audit procedures and evaluating controls.
-
Accurately complete administrative requirements, audit documentation, and status reporting.
-
Participate in departmental training, knowledge-sharing initiatives, and continuous professional development activities.
-
Collaborate with team members and contribute to a positive and productive audit environment.
-
Build and maintain professional relationships with stakeholders while demonstrating professionalism and objectivity.
-
Support special projects, investigations, and other assignments as required by management.
Expectations
-
Audit assignments are completed within agreed timelines and budgeted hours.
-
Audit testing is performed accurately, thoroughly, and in accordance with approved audit procedures.
-
Working papers meet quality standards and are sufficiently detailed to support audit conclusions and management review.
-
Audit evidence is complete, reliable, relevant, and properly retained.
-
Audit findings and recommendations are clear, practical, well-supported, and aligned to identified risks.
-
Assigned audits contribute to the successful execution of the approved Audit Plan.
-
Progress updates are provided proactively and timeously to audit management.
-
A sound understanding of IT risks, controls, governance frameworks, and audit principles is demonstrated.
-
Technical, professional, and auditing competencies show continuous improvement.
-
Professional relationships with clients and colleagues are maintained through effective communication and collaboration.
-
Departmental policies, procedures, methodologies, and professional standards are consistently adhered to.
-
Risks, control deficiencies, and improvement opportunities are identified and communicated effectively.
-
Administrative deliverables are completed accurately and within required timeframes.
-
Positive contributions are made towards team performance and overall audit quality.
-
Audit reports are supported by accurate, complete, and well-documented audit work.
-
Professionalism, integrity, confidentiality, and ethical behavior are consistently demonstrated.
-
Feedback is acted upon constructively to improve individual performance and audit effectiveness.
-
Audit engagements are delivered successfully, contributing to stakeholder satisfaction and the achievement of departmental objectives.
Client Relationship Management
- Build and maintain client relationships.
-
Communicate with senior management and operational staff.
-
Conflict resolution.
-
Verbal and non-verbal communication.
Code of Conduct
-
Knowledge of the Motus and MIA codes of conduct.
-
Adherence to the Motus and MIA codes of conduct.
Competency Requirements
Communication
-
Strong verbal, written, and presentation skills, with the ability to provide timely and ongoing updates to senior team members and supervisory staff.
Personal moral skills
-
Demonstrates high levels of integrity, professionalism, ethical conduct, and a strong work ethic, consistently aligning actions with organisational values and principles.
Analytical
-
Applies logical reasoning and critical thinking to evaluate information, break down complex issues into manageable components, and draw sound, evidence-based conclusions.
Report Writing
-
Depending on the staff level, team members are required to prepare clear, concise, and accurate working papers, draft findings, recommendations, and reports. Documentation should adequately substantiate the scope, testing performed, and results obtained when assessing the design adequacy and operational effectiveness of internal controls, for review by the next level of management.
Organisation
-
Effectively manages competing priorities and consistently delivers quality work within tight deadlines in a dynamic and fast-paced environment.
Flexibility
-
Demonstrates a willingness to embrace change and adapt to evolving assignments, priorities, and work environments.
Personal Motivation
-
Displays initiative, works independently with minimal supervision, and takes ownership of responsibilities and deliverables.
Communication and Network
-
Builds and maintains effective working relationships with management, functional leaders, and support teams to achieve business and project objectives.
Project Management
-
Plans, coordinates, and prioritises multiple tasks and activities effectively to ensure deadlines and project objectives are met.
Working as a Team
-
Collaborates effectively with colleagues, contributing positively to team objectives while fostering a cooperative and inclusive working environment.
Applying Expertise
-
Applies professional knowledge, expertise, and technology effectively to deliver high-quality outcomes and support business objectives.
Continuous Improvement
-
Proactively identifies opportunities for improvement, contributes innovative ideas, and supports initiatives that enhance processes, efficiency, and effectiveness.
Meeting Customer Needs
-
Consistently delivers high-quality results while meeting customer expectations and maintaining a strong focus on service excellence.
Time management skills
-
Demonstrates strong time management skills, including goal setting, planning and scheduling activities, managing appointments, maintaining accurate records, prioritising tasks, multitasking effectively, and making informed decisions to achieve desired outcomes.