Manager : Information Technology Auditor Ref : Bma 3 / 7 / 2024

Job Title : Manager : Information Technology Auditor

REF : BMA 3 / 7 /

Deadline : January 17,

Minimum Job Requirements, Knowledge and Responsibilities

Minimum Qualifications : Bachelor's degree in information systems, computer science, informatics, auditing, internal auditing, accounting, or related qualification at NQF level 7 as recognized by SAQA.

Minimum Experience : 5 years' Experience ICT Auditing Experience

Professional Body / Association : ISACA

Knowledge : Strong understanding of IT governance, risk management, and compliance frameworks (e.g., COBIT, NIST, ISO, Public Sector IT Governance Frameworks), Public Finance Management Act (PFMA), National Treasury Regulations, King Governance Code, Treasury Regulations and Public Service Regulations, Internal Auditing / Auditing Standards, Knowledge of GRAP, Border Management Authority Act.

Professional Registration or License Requirements : CISSP - Certified Information Systems Security Professional OR; CISSP-ISSMP Information Systems Security Management Professional OR; CISM Certified Information Security Manager OR; CISA Certified Information Systems Auditor or other equivalents.

Key Responsibilities :

1. Annually prepare an audit plan of the ICT audit function which comprehensively covers the BMA ICT environment audit universe for consideration of the CAE.
2. Manage and conduct ICT audits in accordance with professional auditing standards, internal policies, and regulatory requirements.
3. Ensure the ICT Audit team's work is conducted in line with professional auditing standards, internal policies, and regulatory requirements.
4. Periodically report to the CAE on the progress of ICT Audits.
5. Evaluate the effectiveness of ICT internal controls relating to information security measures, data integrity, system availability, third party management, and compliance with applicable laws and regulations.
6. Provide comprehensive audit reports and recommendations for CAE's approval.
7. Identify opportunities to enhance the efficiency and effectiveness of ICT audit processes and methodologies.
8. Assist Internal Audit Unit with data analytics requirements and render support on audit management tools.
9. Identify, evaluate, and operate value-add technology tools for ICT Audit and internal audit projects.
10. Maintain all related Service Level Agreements to minimize business risk and ensure business continuity of the Internal Audit Unit at large.
11. Provide advocacy on ICT Audit related matters to relevant stakeholders.
12. Collaborate with necessary organs of state and domestic and international assurance stakeholders to promote and enhance effective, efficient and secure human movement.
13. Build and maintain effective internal and external stakeholder relationships for the purpose of expectations management, knowledge sharing, and integration.
14. Participate in industry-related forums, conferences, and workshops to gain industry insight for the purpose of business improvement and position the BMA.
15. Review the ICT Risk Register to ensure that BMA maintains quality risk management standards in line with relevant requirements.
16. Conduct comprehensive annual ICT process-level risk assessment interviews with CIO, ICT executives, and other managers in the BMA; identify and incorporate risk data from multiple internal and external sources to assess risk and analyze results.
17. Perform follow-up of previously raised ICT audit findings.
18. Provide input in the planning and compilation of the business unit's annual budget aligned to the operational plans to support the implementation of set objectives.
19. Ensure the effective implementation, management, and monitoring of the business unit's budget, and mitigate and report on any variances.
20. Report on and communicate any cost improvements and shortfalls to the CAE.
21. Build and lead an effective and cohesive team through the effective management of divisional resources.
22. Drive the implementation of talent acquisition, succession planning, development, and retention strategies for the division.