Systems Auditor
Kenya Red Cross Society is one of the largest humanitarian organizations in Kenya. Its mission is to be the leading humanitarian organization in Kenya delivering excellent quality service of preventing and Alleviating Human Suffering. Since 2008, looking for new and sustainable sources of income, KRCS opened the Boma Hotel properties in Nairobi, Eldoret and Nyeri respectively offering deluxe luxury accommodation and conference facilities, with profits going directly to fund its humanitarian work.
The Society is looking for a qualified person to fill the following position:
Position Title: Systems Auditor
Reporting to: Head, Group Internal Audit and Risk Management
Job location: Head Office
Position summary
The purpose of this role is to conduct internal audits related to information technology functions/ processes and the technology applications that support business functions for the KRCS and the Boma Hotels. The internal system audit activities involve analysing risks and controls, recommending process and control improvements, and providing reports summarizing audit activity to relevant stakeholders. The Information Systems Auditor must effectively interface with all levels of management, as well as participate in Group Audit initiatives and activities.
KEY RESPONSIBILITIES
Conduct continuous risk assessment of the information technology environment including operating systems, network infrastructure, main service application and all peripheral/interfaced applications in the Hotel and KRCS with a view to determine the main areas of focus and priority and hence draw appropriate audit plan
Plan and conduct audits of specific target areas identified from the overall risk assessment above in consultation with the Head – Group IA&RM, and partner with external consultants in certain areas as approved to ensure quality audit approach, achievement of set audit objectives and completion within agreed schedules
Recommend and negotiate appropriate technical solutions to manage identified risks
Prepare reports and analysis that communicate audit results for the relevant business conditions and business risks/controls
Provide support to the audited business and operational support functions on implementation of recommended solutions to manage identified risks over the applications systems and compliance with the information system security best practices
Continuously review and monitor information security implementation
Continuously keep abreast of fast changing information systems exposures and threats andensure adequate and up-to-date information security measures are in place for maximum protection of the Hotels and KRCS information assets.
Work in partnership with Audit team, Hotel Management and KRCS Management and other risk control functions to ensure that processes, business activities, and internal controls are effective in managing technological risks
In consultation with other Hotel & KRCS Officers, promptly and thoroughly investigate reported cases of theft or losses arising from error or fraud affecting information systems, also for any security violations identified to warrant such investigations. Conduct continuous risk assessment of the information technology environment including operating systems, network infrastructure, main service application and all peripheral/interfaced applications in the Hotel and KRCS with a view to determine the main areas of focus and priority and hence draw appropriate audit plan
Minimum Qualifications
Bachelor’s degree preferably in Information Systems Management (Computer Science), Business Administration, Commerce or related field’s with professional accounting qualification such as CPA
Be a qualified Certified Information Systems Auditor (CISA).
A Certified Internal Auditor designation, Certified Information Security Manager (CISM) or Certified Information System Security Professional (CISSP) will be an added advantage
2 – 4 years of Information system audit experience
Demonstrated experience in use of CAATs e.g Audit Command Language (ACL) or IDEA is Key
Demonstrated knowledge of Sun Accounting Application, Opera and Micro Hotel System’s
Desired competencies
Technical skills to effectively perform IS Audit activities/tasks in a manner that consistently achieves established quality standards or benchmarks.
Demonstrated understanding of internal auditing standards in respect of audit, internal control, risk and governance principles.
Able to integrate understanding of industry trends and vulnerabilities to identify future possibilities, opportunities and risks
Knowledge and application of modern IS security management practices in humanitarian and service industry to proactively review and recommend security quality improvements in line with technological and service changes.
Ability to understand and document workflows and business processes
Knowledge and effective application of all relevant policies, processes, procedures and guidelines to consistently achieve required compliance standards or benchmarks.
Self-driven and appreciation of Performance management to optimize personal productivity. Organized; able to work both independently or in a team setting.
Ability to identify solutions that effectively address business and control needs.
Interpersonal skills to effectively communicate audit results to functional heads and other stakeholders including Ability to maintain highest integrity on audit, deal withGovernance Committees and government agencies on audit without compromising the objectivity of the internal audit function.
Self-empowered to enable development of open communication, teamwork and trust that are needed to support true performance
Applications should be sent to the following address to be received on or before Friday, 14th February, 2014.
Secretary General
Kenya Red Cross Society
P.O. Box 40712-00100,
Nairobi
The Society is looking for a qualified person to fill the following position:
Position Title: Systems Auditor
Reporting to: Head, Group Internal Audit and Risk Management
Job location: Head Office
Position summary
The purpose of this role is to conduct internal audits related to information technology functions/ processes and the technology applications that support business functions for the KRCS and the Boma Hotels. The internal system audit activities involve analysing risks and controls, recommending process and control improvements, and providing reports summarizing audit activity to relevant stakeholders. The Information Systems Auditor must effectively interface with all levels of management, as well as participate in Group Audit initiatives and activities.
KEY RESPONSIBILITIES
Conduct continuous risk assessment of the information technology environment including operating systems, network infrastructure, main service application and all peripheral/interfaced applications in the Hotel and KRCS with a view to determine the main areas of focus and priority and hence draw appropriate audit plan
Plan and conduct audits of specific target areas identified from the overall risk assessment above in consultation with the Head – Group IA&RM, and partner with external consultants in certain areas as approved to ensure quality audit approach, achievement of set audit objectives and completion within agreed schedules
Recommend and negotiate appropriate technical solutions to manage identified risks
Prepare reports and analysis that communicate audit results for the relevant business conditions and business risks/controls
Provide support to the audited business and operational support functions on implementation of recommended solutions to manage identified risks over the applications systems and compliance with the information system security best practices
Continuously review and monitor information security implementation
Continuously keep abreast of fast changing information systems exposures and threats andensure adequate and up-to-date information security measures are in place for maximum protection of the Hotels and KRCS information assets.
Work in partnership with Audit team, Hotel Management and KRCS Management and other risk control functions to ensure that processes, business activities, and internal controls are effective in managing technological risks
In consultation with other Hotel & KRCS Officers, promptly and thoroughly investigate reported cases of theft or losses arising from error or fraud affecting information systems, also for any security violations identified to warrant such investigations. Conduct continuous risk assessment of the information technology environment including operating systems, network infrastructure, main service application and all peripheral/interfaced applications in the Hotel and KRCS with a view to determine the main areas of focus and priority and hence draw appropriate audit plan
Minimum Qualifications
Bachelor’s degree preferably in Information Systems Management (Computer Science), Business Administration, Commerce or related field’s with professional accounting qualification such as CPA
Be a qualified Certified Information Systems Auditor (CISA).
A Certified Internal Auditor designation, Certified Information Security Manager (CISM) or Certified Information System Security Professional (CISSP) will be an added advantage
2 – 4 years of Information system audit experience
Demonstrated experience in use of CAATs e.g Audit Command Language (ACL) or IDEA is Key
Demonstrated knowledge of Sun Accounting Application, Opera and Micro Hotel System’s
Desired competencies
Technical skills to effectively perform IS Audit activities/tasks in a manner that consistently achieves established quality standards or benchmarks.
Demonstrated understanding of internal auditing standards in respect of audit, internal control, risk and governance principles.
Able to integrate understanding of industry trends and vulnerabilities to identify future possibilities, opportunities and risks
Knowledge and application of modern IS security management practices in humanitarian and service industry to proactively review and recommend security quality improvements in line with technological and service changes.
Ability to understand and document workflows and business processes
Knowledge and effective application of all relevant policies, processes, procedures and guidelines to consistently achieve required compliance standards or benchmarks.
Self-driven and appreciation of Performance management to optimize personal productivity. Organized; able to work both independently or in a team setting.
Ability to identify solutions that effectively address business and control needs.
Interpersonal skills to effectively communicate audit results to functional heads and other stakeholders including Ability to maintain highest integrity on audit, deal withGovernance Committees and government agencies on audit without compromising the objectivity of the internal audit function.
Self-empowered to enable development of open communication, teamwork and trust that are needed to support true performance
Applications should be sent to the following address to be received on or before Friday, 14th February, 2014.
Secretary General
Kenya Red Cross Society
P.O. Box 40712-00100,
Nairobi
Comments
Post a Comment