IT Auditor at Oilserv Limited

Job Summary

This position supports the Internal Audit and Compliance department to achieve of providing reasonable assurance, value addition and improve organization operations as it relates to information technology. S/He will plan, execute, and report on the IT General Controls, Application controls, Infrastructure. S/He will provide consulting services to the business to improve IT operations and IT controls.

Responsibilities

• Plan audit to determine whether information systems are protected, controlled, and provide value to the organization.
• Prepares detailed plans for performing individual audits including the identification of key risks and controls, determination of audit objectives, and development of an appropriate audit program.
• Evaluate the organization’s management of IT policies and practices.
• Evaluate the organization’s IT policies and practices for compliance with regulatory and legal requirements.
• Evaluate the organization’s ability to continue business operations.
• Evaluate whether IT supplier selection and contract management processes align with business requirements.
• Conduct post‐implementation review of systems to determine whether project deliverables, controls, and requirements are met.
• Evaluate whether IT service management practices align with business requirements.
• Conduct periodic review of information systems and enterprise architecture.
• Evaluate IT operations to determine whether they are controlled effectively and continue to support the organization’s objectives.
• Evaluate IT maintenance practices to determine whether they are controlled effectively and continue to support the organization’s objectives.
• Conduct audit in accordance with IS audit standards and a risk based IS audit strategy.
• Communicate audit progress, findings, results, and recommendations to stakeholders.
• Conduct audit follow‐up to evaluate whether risks have been sufficiently addressed.
• Evaluate the IT strategy for alignment with the organization’s strategies and objectives.
• Evaluate physical and environmental controls to determine whether information assets are adequately safeguarded.
• Evaluate logical security controls to verify the confidentiality, integrity, and availability of information.
• Review and evaluate IT General Controls, application controls and IT Security management in accordance with ISO 27001.
• Provide recommendations and guidance on identified security and control risks.
• Perform technical security testing to identify potential threats and vulnerabilities.
• Utilize data analytics tools to streamline audit processes.
• Provide consulting services and guidance to the organization to improve the quality and control of information systems.
• Identify opportunities for process improvement in the organization's IT policies and practices.
• Evaluate potential opportunities and threats associated with emerging technologies, regulations, and industry practices.

Requirements

• A minimum of a bachelor’s degree from a recognized higher institution in a related field, such as Accounting, Finance, Computer Science, or Business
• Certified Information Systems Auditor (CISA) (essential).
• The Institute of Internal Auditor (membership)
• Chartered Accountant (ACA. ACCA) (optional
• A minimum of six years of experience in the auditing field, two of which must have been in Information Systems Auditing.
• Big 4 experience is an advantage.