Senior IT Auditor: IT & Application Controls

A position as a Senior Auditor exists within Group Internal Audit: Santam Corporate Services, based in the Cape Town office.

To conduct various types of assurance and consulting reviews with the primary focus on IT and Application Control audits across the Santam Group (Santam Ltd, subsidiaries, brokers, portfolio managers, underwriting agencies, and partners). This will be done in accordance with the annual audit plan approved by Santam’s Audit Committee and conducted in terms of International Standards for the Professional Practice of Internal Audit. The role requires someone with strong IT skills as well as the ability to engage the IT and IS personnel and be comfortable engaging on concepts related to application and database architectures & infrastructure as well as complex business processes. The role also requires a person who can apply our risk-based methodology, as well as lead and manage multiple audit assignments and work independently.

• Conduct risk-based technology-focused (IT) audit assignments to contribute to delivering on the internal audit plan approved by Santam’s Group Audit Committee. This could include general computer control reviews, application control reviews, and reviews of IT controls within various business processes such as application and data interfaces as well as pre and post-implementation reviews with a focus on application controls.
• Assignment work entails assignment planning, execution, reporting, and audit follow-up work (where applicable) including the following activities:
  • Performing risk and control assessments;
  • Developing, executing, and in some cases, reviewing audit procedures;
  • Preparing audit findings and unpacking root causes with management;
  • Compiling an audit report and workshopping practical action plans with various levels of management which will support the achievement of the Santam Group’s and our business partners' strategic and financial objectives;
  • Ensuring that audit work is documented on GIA’s audit software tool and adheres to the required quality standards;
  • Ensuring that audit work is completed within time and cost budgets.
• Assist in reporting to various audit, risk & related committees.
• Provide input into annual audit planning.
• Follow up on audit issues raised and provide input into the reports to the audit committee and other relevant governance structures.
• Maintain quality standards in terms of the audit methodology, approach, and documentation.
• Support and mentor junior/trainee auditors.
• Client relationship management with internal Santam stakeholders as well as external stakeholders, focusing on Information Security functions.
• Champion Internal Audit’s role in the organization by serving as GIA’s representative at relevant, key Santam forums.
• National travel to Santam offices and partners may be required.

• A relevant qualification (Diploma, Bachelors, or Honours degree) in science, commerce, engineering, technology, information systems, informatics, or similar.
• More than 4 years’ experience in an audit/consulting/risk management/governance or similar operations function and demonstrable exposure as per the job description.
• Experienced in performing IT general, application controls, and similar types of audits across a range of environments.
• Solid understanding of traditional business processes and how they interact at an application and database level.
• An advanced understanding of internal audit disciplines, methodologies, and practices.
• Experience in the insurance industry is preferred.
• Progress towards or completed CISA, CRISC, or similar.
• Good understanding of relevant security and control frameworks such as COBIT, ITIL, COSO, OWASP, CIS & similar frameworks.
• Experience with industry-leading audit software packages would be advantageous.

• Very strong numerical, analytical, and conceptual skills.
• Analytical ability and logical reasoning.
• Understanding of key controls and risk management principles.
• Strong time management.
• Excellent interpersonal, communication, and networking skills.
• Relationship management (Strong client service orientation).
• Facilitation skills and ability to influence individuals, groups, and teams.
• Strong verbal and written communication skills.
• Conflict management and negotiation skills.
• Ability to work effectively in a team as well as independently.

• Cultivates innovation - Contributing through others.
• Customer focus - Contributing through others.
• Drives results - Contributing through others.
• Collaborates - Contributing through others.
• Being resilient - Contributing through others.

Santam is the leading short-term insurer in South Africa. Along with its subsidiaries, the business transacts all classes of short-term insurance. Santam is a large, diversified, and transforming company, and our success is rooted in our passion for our clients. Everything we do is centered on our delivery of insurance good and proper.