Vacancy title:
Head Of Internal Audit – ICT and Data Analytics
Jobs at:
NMB BankDeadline of this Job:
Tuesday, January 23 2024
Summary
Date Posted: Wednesday, January 10 2024, Base Salary: Not Disclosed
JOB DETAILS:
Job Purpose:
Responsible for providing leadership and overseeing of internal audit for Information and Communication Technology (ICT), Cyber security and Data analytics audits on achieving the purpose and objectives of Internal Audit Function (IAF).
Main Responsibilities:
Strategic Focus
• Working with the Chief Internal Auditor (CIA) on developing and execution of a risk based annual audit plan approved by the Board, reporting and follow up of implementation of audit recommendations for bank’s internal control improvement. The role must provide assurance on design and effectiveness of internal controls, IT risk management framework, cyber security and governance processes relating to ICT operations are adequate and effective and the bank’s ICT policies & procedures, state laws, regulations regarding privacy and security in data processing are adhered to.
• Develop and execute the Audit strategy on the Data analytics automation & robotics (AI) and continuous auditing of critical bank’s processes for effective real time monitoring and reporting to Management and Board.
• Develop and execution of a risk based annual internal audit work plans and programs for IT audits and Data analytics audits and programs which is approved by the Board.
• Develop and execution on the cyber security audit strategy and use of review tools for continuous monitoring and vulnerability assessment assurance on the management cyber security resilience.
• Overseeing, planning, and scoping of audit assignments relating to ICT operations, Cyber Security, Data Analytics, Projects and any other areas assigned, determining engagement scope & objectives, conducting risk assessment (including fraud risk assessment), allocating audit resources, defining deadlines and ensuring a comprehensive and appropriate terms of reference is set for each review.
Leadership and People Management Focus
• Coaching and providing training that enhances auditor’s knowledge on ICT risks and use of IT tools and analytics, department budget planning and control, also responsible for another stakeholder’s management.
• Manage the Audit team, hierarchically and functionally, supporting the direct reports in their professional development through mentoring and coaching, providing constructive feedback including formal performance management. Reach the results through the team; developing and executing the department’s strategy and plan.
• Lead discussions with business leaders regarding audit observations and root causes of issues, consulting the CIA.
• Consult with Internal Audit Function (IAF) management, risk teams, internal auditors, or the business to identify high risk areas that should be subjected to data analytics on regular basis.
• Provide support to internal auditors in using computer-assisted audit techniques.
• Review and issue audit reports that meet the required standards for reporting to management and prepare oral or written presentation on those issues at the request of management or at his/her own initiative.
• Supervise support on automated audit tools used in the department.
• Ensure full compliance, provide oversight as well as monitor the implementation of various consumer protection requirements across business area/Unit.
Operations Focus
• Carry out investigations and special audits as requested by management, Board, or red flags noted by auditors.
• Stakeholder management within the bank, Bank of Tanzania, and external auditors/consultants
• Departmental Budgeting planning, implementation, and cost control
• Ensure that audits are carried out in line with International Standards for the Professional Practice of Internal Auditing as issued from time to time by the Institute of Internal Auditors as well as those issued by Information Systems Audit and Controls Association (ISACA).
• Provide guidance to Audit Managers /Auditors during audit assignments with emphasis on process understanding, risk identification and assessment, root cause identification and development of recommendations that address the root causes.
• Perform follow-up audit reviews to determine the extent to which root causes of issues observed have been closed and supported with sufficient, reliable, and relevant evidence.
• Stay abreast of the latest developments in ICT that impact the ICT risks and cyber security in the bank and the possibilities to investigate using ICT.
• Identify the relevant operating risks that may affect the bank and assess their likelihood of occurrence and the potential impact on the business.
• Review of ICT projects executed by management and appraise on the identified risks and controls and how has been mitigated and recommend appropriate actions for management.
• Review audit findings with auditors, appraise the management and prepare report for CIA to the Board Audit Committee raised by external auditors.
• Responsible for regular extraction and analytics of data from critical systems of the bank in order to identify control weaknesses for corrective action and provide business Insights and foresight for appropriate management decisions.
• Ensure that documentation throughout the audit lifecycle (scoping, understanding processes, identifying risks and controls, assessing controls, and identifying issues) is accurate, reflective of work performed and supports conclusions drawn.
• Ensure audit tools are effectively used to bring efficiency and effectiveness in the audit process.
• Represent the IAF on various projects that aim at improving risk management, governance and controls surrounding ICT systems in the bank.
• Ensure full compliance, provide oversight as well as monitor the implementation of various consumer protection requirements across business area/Unit.
Knowledge and Skills:
• Ability to exercise critical thinking and professional skepticism in the audit process.
• Solid knowledge of applying internal audit standards (IPPF) by the Institute of Internal Auditors and ISACA Framework to perform value adding internal audit services.
• Deep understanding of fraud risk assessment and evaluation of control adequacy in either detecting or preventing fraud incidences in an IT environment.
• Knowledge of risks and controls of a bank as well as banking regulations
• Analytical mind with the ability to interpret key data/facts.
• Eye for detail in checks and balances, rules and processes, risk, and governance.
IT Project management and projects life cycle knowledge
• Mastery of using and Knowledge of ICT and audit tools such as data analytics software such as ACL Analytics, DAST & NAST tools, Qualys or Nexpose and audit management software such as teammate, Microsoft vision etc.
• A person with integrity, objective mind, and leadership skills ability to influence and motivate teams towards a common goal.
• Excellent interpersonal skills and ability to work effectively with colleagues and other management teams.
• Multi stakeholder management report to BARCC, Board, regulator, and external auditors
Firm and decisive with ability to negotiate and influence senior/middle managers to facilitate change and improvement.
• Ability to communicate at all levels in the bank and external stakeholders such as external auditors and consultants.
• A personal commitment to, and good understanding of, diversity and equalities in the workplace.
Qualifications and Experience:
• Bachelor’s degree in IT and Computer science from a recognized university
Professional Certification in IT auditing or Cyber security, Data Analytics, or accounting qualification i.e., CIA, ACPA, CISA, CISM, PMO, CPA (T), ACCA or equivalent is a Must.
• A Master’s degree is an added advantage.
• At least 7 years’ experience in IT audits, out of which 4 should be at managerial level in a bank or an audit firm responsible for financial institutions.
Work Hours: 8
Experience in Months: 84
Level of Education: Bachelor Degree
Job application procedure
Interested and qualified Click here to apply.
All Jobs
Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.