PURPOSE OF POSITION:
This position will provide leadership in the review and advisory on all key information systems and infrastructure within the region either independently or jointly with other teams. The person in this position is responsible for leading, conducting and advising on all information systems audit work within the region including audits of computer applications, information security and technological solutions at the region and within national offices. The person in this position will also champion Information Technology (IT) use within the Regional Internal Audit (RIA) team through capacity building in line with Global Internal Audit strategic direction.
The position is expected to operate with considerable independence within the scope of their assignments. This role interacts regularly with IT and non-IT personnel and management at the national office and regional level, necessitating a wide degree of creativity and latitude, in addition to well-developed interpersonal and leadership skills.
IT Audit Engagement:
- Audit planning, execution and reporting
- Develop detailed IT audit work plans, information system and application audit programs for specific engagements, audit schedules, risk assessments and IT audit status reports within the region.
- Engage with management at the local and regional level to obtain better understanding of business processes and key areas of risk affecting strategic goals.
- Lead or function as a team member to plan and implement IT audits based upon an understanding of the critical IT controls within the core process/area under review in accordance with the IIA and ISACA related Standards; and use the
- Governance, Risk and Control system and the designed templates for assessing and evaluating the IT risk universe.
- Analyze evidence gathered and accurately communicate findings and recommendations to appropriate management and directors both orally during the exit conference and written reports.
- Follow-up on remediation of identified deficiencies.
Collaboration, Advisory Services and Networking:
- Collaborate with IT project teams within the region and participate (advisory role) in live (ongoing) IT initiatives as a subject matter expert in matters relating to controls and compliance.
- Provide consultative advice to stakeholders by identifying key IT control gaps and risks related to key processes within the region.
- Assist in the evaluation of potential occurrence of fraud in IT systems and how management mitigates the risk within the region.
- Provide training and guidance to the WAR internal audit team on evaluation of general and application controls of systems, use of computer assisted audit techniques (CAATs) to facilitate the testing of controls and application of data analytics and business intelligence to detect possibility of frauds and non-compliance to existing standards and expected controls.
- Perform special projects as assigned by the GC IT Audit Director including assisting in regulatory audits related to information security, IT fraud investigation, design specialized audit tools using technology, conducting training and other tasks as assigned.
- Participate in the global roadmap for GIA Information Technology initiatives, innovations, automation and training as may be requested by supervisor or GIA leadership.
Maintain Continuing Education (CPE) by attending online courses or professional seminars and trainings. The incumbent should maintain a minimum of 40 CPE credits per year.
KNOWLEDGE, SKILLS & ABILITIES:
- Bachelor’s degree or higher in computer science, information technology, management information systems, information security, accounting, or a related discipline, or equivalent work experience.
- At least five (5) years’ experience in information technology (IT) or information systems audit and advisory.
- Technical professional certification required (CISA, CISSP, CISM or CRISC). CPA (Certified Public Accountant) or CIA (Certified Internal Auditor) or CA (Chartered Accountant) a plus.
- Knowledge of COBIT and best IT industry practices.
- Extensive engagement experience with management at middle and senior level.
- The ability to design and execute data analytics tests to support business process audits.
- Exposure to various audit management and /or accounting systems.
- Notable level familiarity with various IT platforms, operating systems and information security.
- Experience in terms of assisting with the development and/or improvement of IT audit methodologies.
- Ability to plan, perform, document and report on audits.
- Experience in dealing with people from diverse cultures and backgrounds.
- Fluent in English.
- Knowledge of French.
- CISA – Certified Information Systems Auditor.
Preferred Skills, Knowledge and Experience:
- Computer skills (office applications, accounting systems and IT audit tools like Nessus, Solar winds, etc. is a plus).
- Excellent communication skills – written, oral and presentation – in fluent English.
- Outstanding quantitative, analytical, problem solving and organizational skills.
- Strong project management skills.
- Demonstrated ability to successfully communicate with people at all levels of the organization.
- Good time management and proven interpersonal skills.
- Demonstrated ability to execute and deliver under challenging circumstances.
- Self-motivated, and ability to work independently.
- Well-travelled and experience in dealing with cross cultures.
- Working knowledge in the areas of: IT systems, information security, financial applications, Windows operating systems, software development lifecycle, network security, internet and related technologies, ERP Systems and databases.
- The position requires ability and willingness to travel domestically and internationally up to 40% of the time.
- This role involves working in a virtual /geographically dispersed / multi-cultural team.