The role is expected to help the Bank to achieve its mission “stimulating a consistent expansion of and diversification of African trade so as to rapidly increase Africa’s share of global trade, while operating as a first class, profit oriented, socially responsible financial institution and a centre of excellence in African trade matters” by providing independent and objective assurance and consulting services, which adds value and improves the operations of the Bank.
The role holder will be responsible for the planning, execution and reporting on audit of IT systems and processes, including data centres, ERP Solutions, network, operating systems, applications and data bases in line with approved annual risk-based internal audit plan.
Duties and responsibilities
- Developing and maintaining the IT Risk Assessment, including identifying areas internal audit should focus.
- Conduct IT audits or lead teams in performance of IT audits and reviews of systems, applications and IT processes including:
- Evaluate information general computing controls and provide value added feedback and test compliance with those controls.
- Various other reviews of IT management policies and procedures such as change management, business continuity planning/disaster recovery and information security to ensure that controls surrounding these processes are adequate.
- IT security audits (such as network, operating system and data centre), including to evaluate whether security vulnerabilities are properly and fully identified and mitigated. Coordinate the scope and performance of these reviews with the IT function/business units and external security experts.
- Pre and post-implementation audit of system implementations or enhancements.
- Maintain quality work paper documentations that adequately support audit findings and conclusions;
- Liaise with Auditees at all stages of the audit and manage the presentation of draft audit findings to stakeholders with a view to obtaining necessary buy-in, including management response commitments;
- Propose recommendations to address the established root cause of observed issues to the respective areas and follow up implementation of agreed management action plans;
- Provide Business and IT management with guidance on IT risk management matters particularly on application and infrastructure security, emerging risks, and international best practices;
- Build and implement tools to analyze data to improve audit efficiency and effectiveness (including risk assessments) and develop analytics to provide business insights or for continuous auditing.
- Assist the Head of Internal Audit Unit with other assignments including involvement in the development of internal audit policies and working practices, conduct audits or lead audit teams in operational/financial audits.
Skills, Knowledge and Attitude
- Master’s Degree in Computer Science, Finance, Accounting or Business Administration, IT Risk Management/Governance;
- Recognised accounting/auditing professional qualifications (ACA, ACCA, CPA, CIA etc.) and information systems certifications (CISA, CISSP, CISM);
- Minimum 8 years of relevant IT Audit/IT Governance experience with a banking background;
- Experience with multiple technology domains including Windows, database management, networking and software/applications implementation;
- Familiarity with information security standards and best practices for securing computer systems;
- Understanding of international auditing standards like COBIT;
- Continually updated with latest changes in technology;
- Experience with IT Operations is desirable while experience with data analytics will be advantageous;
- Good understanding of risk management and internal control environment within the IT function;
- Strong knowledge of Banking including Trade Financing, Project/Development Financing and Treasury activities is required;
- Excellent communication skills in English. Knowledge of the Bank’s other working languages (French, Arabic and Portuguese) is an added advantage;
- Strong analytical skills, highly organised, detail oriented and good report writing and presentation skills;
- Proactive, self-motivated and result-driven orientation with ability to drive work to conclusion and meet deadlines with minimal supervision;
- The candidate should be able to produce high quality work independently as well as a cohesive member of a small team;
- Ability to work closely with and support General Auditors in integrated audits;
- Ability to work effectively in an evolving and challenging multi-cultural environment.