Information System Audit Lead at Ikeja Electricity Distribution Company

Role Title

• To support the Head, Internal Audit in providing independent assurance and advisory over the organization’s information systems by leading risk-based IT audits, evaluating technology controls, identifying IT risks, and ensuring the confidentiality, integrity, and availability of systems in alignment with regulatory requirements and international standards.

Role Responsibilities
Audit:

• Responsible for developing a risk-based Annual IT Audit Plan by identifying areas of audit –the internal audit team has to initiate the preparation of an annual audit plan at the beginning of the year.
• Leading/conducting projects in the IT audits, compliance audits, investigations and advisory on the IT domain.
• Identify and evaluate the company’s audit risk areas relating to Information Technology through a risk-based audit methodology.
• Plan the resources and requirements for the different IT audits and special assignments.
• Perform specialized IT audits/reviews and ensure the adequacy of audit scope, the adequacy of testing performed, and the accuracy of conclusions reached.
• Ensure that IT audit procedures are strictly adhered to, including identifying and defining issues, developing criteria, reviewing and analyzing evidence, and documenting technical processes and procedures.
• Communicate the results, findings and recommendations of IT audit projects via written reports and face-to-face presentations on a timely basis.
• Assess information technology control elements to mitigate IT risks regarding the confidentiality, integrity, and availability of business information in compliance with security best practices (such as ISO 27000).
• Ensure that the IT audit team implements various processes and policies decided upon.
• Ensure that strategies defined are implemented by the IT audit team for accomplishment of the department’s objectives.
• Analyze IT audit results and recommend corrective action based on significant audit findings.
• Visit the Auditee’s office during the course of the audit for better supervision & control.
• Carry out specific management-assigned jobs - conducting special IT audits on a case-to-case basis.
• Follow-up on the progress of implementation of various decisions undertaken on the basis of IT audit report and thus resulting in efficient performance of the IT department.
• Manage the MIS/KPIs related to IT audits.
• Maintain all organizational and professional ethical standards and ensure IT audit activities are carried out in compliance with applicable standards including International Standards for.

Consulting:

• Lead consulting engagements related to Information and network security, IS governance, Business continuity and disaster recovery based on best practices of each area (ISO 27000, ISO 20000, ITIL and COBIT framework) if required to do so.
• Communicate the results of consulting projects via written reports and oral presentations on a timely basis.
• Review of Technology related policies and procedures and any IT operations of the Company for submission to the Head, Internal Audit before being raised for management/board approval.
• Provide consulting services to the company’s management and staff pertaining to information security policies and procedures based on best practices such as ISO 20000.

IT Related Special Audit Assignments and Fraud Investigations:

• Conduct or lead the Internal Audit team in performing any IT-related fraud investigations or any special audit assignments relating to the IT domain.

Minimum Requirements

• Relevant University degree or its equivalent in science or social science.
• Relevant Post Graduate degree and Possession of professional certification in information system auditing (i.e, CISA/CISSP).
• Post qualification experience of 10 years in energy, power, financial or manufacturing sector.
• Hands-on experience on the use of ACL to perform data analysis and investigations.

Skills & Competencies:

• Communication skills.
• Problem identification and solution skills.
• Ability to promote value of internal audit.
• Industry, regulatory, and standards changes
• Organizational skills.
• Conflict resolution/negotiation skill.
• Accounting frameworks, tools, and techniques
• Customer Centricity
• Risk Management
• People Leadership
• Entrepreneurship
• Organizational Learning
• Change Management.