Discovery’s core purpose is to make people healthier and to enhance and protect their lives. We seek and invest in exceptional individuals who understand and support our core purpose, and whose own values align with those of Discovery. Our fast-paced and dynamic environment enables smart, self-driven people to be their best. As global thought leaders, Discovery is passionate about innovating in order to not only achieve financial success, but to ignite positive and meaningful change within our society.
Areas of Responsibility:
Strategic:
Assist in attending to management queries.
Build/maintain relationships with the Discovery companies and other Assurance Providers.
Facilitate the maintenance of risk profiles (inherent & residual view of IT risks).
Challenge risk management information received from the business and provide meaningful input to management on where IT risk management processes and controls can be improved.
Technical:
Knowledgeable in Project and Programme Management.
Cyber and Information Security (CAATs): advantageous.
Operational:
Ensure audits are performed in line with Audit Methodology.
Provide feedback to Audit Management on the planning, execution and reporting of the audits.
Obtain input from Audit Management relating to risks associated with the audit topic.
Ensure that all risks are addressed for the specific audit engagements.
Define the purpose, scope and audit approach of each audit for assigned areas of audit coverage.
Assist Audit Management in determining the scope of Internal Audit assignments.
Prepare engagement letter for review by Audit Management.
Prepare/review the Audit Planning Memorandum (APM).
Prepare/review approved system descriptions, walkthroughs and/or process flow diagrams and address/raise review notes where applicable.
Prepare/review risks and controls matrix (RACM) and address/raise review notes where applicable.
Prepare/review test procedures and address/raise review notes where applicable.
Obtain approval from Audit management regarding any changes to RACM, audit test.
Perform testing and document working papers on Audit Software where applicable.
Review working papers on Audit Software (performed by IT Auditors) and raise review notes where applicable.
Prepare/review the Audit Finalisation Checklist at the end of an audit.
Close day-to-day supervision of the IT Auditors and process of work.
Provide regular progress updates (at least weekly) on audit assignments.
Keep track of the budget and timesheets on a weekly basis and submit to Audit Management.
Escalate in a timely manner to Audit Management if deadlines are not going to be achieved.
Escalate cases where feedback is not received.
Advise Audit Management immediately of any problems experienced on an audit section.
Monitor the quality of work performed by the audit team and take corrective action (where applicable).
Provide training and supervision to audit team to ensure that the required audit objectives are met and that adequate practical coverage is achieved.
Ultimately responsible for the quality of audit files (MK or other).
Proactively take on additional tasks as requested by Audit Manager.
Provide meaningful input and monitor the effective and timely implementation of management actions to address any control weaknesses identified through risk profiling, risk events and control self-assessment.
Follow-ups:
Follow up on outstanding audit issues and management actions.
Preparation and submission of follow-up progress reports for risk and/or audit committees.
Schedule meetings with Audit Manager for the combined review of mini-appraisals.
General:
Stay up-to-date with Internal Audit profession and industry developments.
Ongoing development and improvement of audit methodology.
Education and Experience:
B Degree or equivalent (and relevant) qualification (with Computer Science / Computer Auditing / Information Systems / Auditing as majors).
CIA / CISA / CISM / CRISC / CGIT (one or more of the aforementioned is required).
2+ years audit experience.
Essential Knowledge:
Corporate and IT governance.
IT Infrastructure technical knowledge (reviewing of databases and operating systems).
Cyber and information security.
Advantageous:
Studying towards or in possession of relevant Bachelors or Honours Degree.
Skills:
Analytical Thinking Ability: ability to split a task or problem into its component parts and use these in a logical and systematic manner to reveal all implications of the consequences of situations.
Communication Skills: able to communicate clearly both verbally and in writing.
Relationships: building relationships with auditees, business and external auditors.
Reporting Skills: ability to consolidate information and compile reports reflecting the necessary.
EMPLOYMENT EQUITY: The Company’s approved Employment Equity Plan and Targets will be considered as part of the recruitment process. As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply.