Information Systems Auditor at Konga Online Shopping Limited

Job Category: Senior Level

Role Summary

• The Information Systems Auditor will be responsible for assessing information systems for areas such as physical security, access, logging, and systems continuity.
• He or she will develop and implement audit plans on diverse computer applications and providing assurance for systems reliability and quality of information; analyzing information technology processes, businesses controls, and programs; identifying internal control risks and recommending their solutions; providing training to audit team members and preparing audit reports.
• Also, the Information Systems Auditor will perform detailed evaluation and internal control and audit reviews of computer information systems. Develops and maintains audit software. Consults with administrators, faculty, and staff on computer information systems operational issues.

Role Responsibilities

• Evaluate and review a range of mainframe, PC, and distributed production and applications computer systems.
• Review system backup, disaster recovery and maintenance procedures.
• Performs general and application control reviews for simple to complex computer information systems.
• Performs information control reviews to include system development standards, operating procedures, system security, programming controls, communication controls, backup and disaster recovery, and system maintenance.
• Directs and/or performs reviews of internal control procedures and security for systems under development and/or enhancements to current systems.
• Maintains and develops computerized audit software.
• Prepares audit finding memoranda and working papers to ensure that adequate documentation exists to support the completed audit and conclusions.
• Prepares and presents written and oral reports and other technical information in a pertinent, concise, and accurate manner for distribution to management.
• Consults with and advises administrators, faculty, and staff on various operational issues related to computerized information systems, and on general business operations as needed.
• Follows up on audit findings to ensure that management has taken corrective action(s).
• Coordinates and interacts with external auditors, administrators, faculty, staff and law enforcement officials as appropriate.
• Assists and trains other audit staff in the use of computerized audit techniques, and in developing methods for review and analysis of computerized information systems.
• Maintains currency of knowledge with respect to relevant state-of-the-art technology, equipment, and/or systems.
• Conduct operational, compliance, financial and investigative audits, as assigned.
• Execute a risk-based IS audit strategy in compliance with IS audit standards to ensure that key risk areas are audited.
• Plan specific audits to determine whether information systems are protected, controlled and provide value to the organization.
• Conduct audits in accordance with IS audit standards to achieve planned audit objectives.
• Communicate audit results and make recommendations to key stakeholders through meetings and audit reports to promote change when necessary.
• Conduct audit follow-ups to determine whether appropriate actions have been taken by management in a timely manner.
• Evaluate the IT strategy, including IT direction, and the processes for the strategy’s development, approval, implementation, and maintenance for alignment with the organization’s strategies and objectives.
• Evaluate the effectiveness of the IT governance structure to determine whether IT decisions, directions and performance support the organization’s strategies and objectives.
• Evaluate the organization’s IT policies, standards and procedures, and the processes for their development, approval, release/publishing, implementation and maintenance to determine whether they support the IT strategy and comply with regulatory and legal requirements.
• Evaluate risk management practices to determine whether the organization’s IT-related risk is identified, assessed, monitored, reported and managed.
• Evaluate the organization’s business continuity plan (BCP), including alignment of the IT disaster recovery plan (DRP) with the BCP, to determine the organization’s ability to continue essential business operations during the period of an IT disruption.
• Evaluate the information security and privacy policies, standards and procedures for completeness, alignment with generally accepted practices and compliance with applicable external requirements.
• Evaluate the design, implementation, maintenance, monitoring, and reporting of physical and environmental controls to determine whether information assets are adequately safeguarded.
• Evaluate the design, implementation, maintenance, monitoring and reporting of system and logical security controls to verify the confidentiality, integrity, and availability of information.

Professional Skills & Qualifications Required

• A Bachelor's degree in Information Systems, Information Technology, MIS, or accounting related discipline
• Professional Certifications in Application security such as: CPA, CISA, CISM, ACA, and/or CIA may also help find a suitable position.
• Knowledge working with audit analysis software, SAP, Oracle, Sybase, or UNIX is an advantage.
• A minimum of 5 years post NYSC experience in a similar role
• Excellent knowledge of current technological developments/trends in area of expertise.
• Knowledge of auditing concepts and principles.
• Ability to evaluate and review a range of mainframe, PC, and distributed production and applications computer systems.
• Ability to gather data, compile information, and prepare reports.
• Ability to perform control reviews on systems development, operation, programming, control, and security procedures and standards.
• Ability to review system backup, disaster recovery and maintenance procedures.
• Ability to communicate with and understand the requirements of professional staff in area of specialty.
• Ability to create, compose, and edit written materials.
• Knowledge of software requirements for the auditing of computing systems and procedures.
• Knowledge of computer systems development and programming.
• Knowledge of general accounting principles.
• Knowledge of public auditing policies, standards, and procedures.
• Knowledge of federal, state, and local laws, regulations, and standards governing all aspects of the utilization of computer systems.
• Excellent planning & Organizational skills
• Problem solving, Analytical skills and Leadership skills