Information Systems Auditor Non-profit Jobs – African Field Epidemiology Network (AFENET)
Job Title: Information Systems Auditor
Organisation: African Field Epidemiology Network (AFENET)
Duty Station: Kampala, Uganda
Reports to: Director Internal Audit & Risk Management
About US:
The African Field Epidemiology Network (AFENET) is a not for profit, networking alliance and service organization that brings together field epidemiology training programs (FETPs) across Africa working side by side with Ministries of Health, regional and international partners. AFENET works to strengthen epidemiological and disease surveillance capabilities of African countries that are critical to meeting the requirements of the Integrated Disease Surveillance and Response (IDSR) strategy and the International Health Regulations (IHR).
Job Summary: The Information Systems Auditor will perform IT Audits, lead continuous audit initiatives and support with data analytics needed during audits and investigations. The position will be responsible for the review of all key information systems and infrastructure within the organization. The Information Systems Auditor will be responsible for leading, conducting and advising on all information systems audit work within the organization including audits of computer applications, information security and technological solutions at the Secretariat, Regions and country offices. The Information Systems Auditor will also champion Information Technology (IT) use within the Internal Audit & Risk Management Department through capacity building in line with the Internal Audit & Risk Management strategy.
Key Duties and Responsibilities:
Audit Engagement (Audit planning, execution and reporting)
- Facilitate IT risk assessments and provide key input in the risk based audit plan by providing key IT risks from the IT risk universe.
- Develop detailed IT audit work plans, information system and application audit programs for specific engagements, audit work papers, and IT audit status reports within the organization.
- Engage with management at the Secretariat, Regions and Countries to obtain better understanding of business processes and key risk areas affecting strategic goals.
- Participate in the planning and implementation of IT audits based upon an understanding of the critical IT controls within the core process/ area under review in accordance with the IIA and ISACA related Standards; and use the Governance, Risk and Control system and the designed templates for assessing and evaluating the IT risk universe.
- Analyze evidence gathered and accurately communicate findings and recommendations to appropriate management and directors both orally during the exit conference and written reports.
- Participate in audits as per the annual plan including pre post IT projects implementation.
- Follow-up on remediation of identified deficiencies.
Advisory and Consulting Services:
- Collaborate with IT project teams and participate in live IT initiatives as a subject matter expert in matters relating to controls and compliance.
- Provide consultative advice to stakeholders by identifying key IT control gaps and risks related to key processes.
- Assist in the evaluation of potential occurrence of fraud in IT systems and how management mitigates the risk.
Continuous Auditing & Capacity building:
- Develop tools for different applications that will be used to enhance continuous review of key risks.
- Provide training and guidance to the Internal audit & Risk Management Department on evaluation of general and application controls of systems, use of computer assisted audit techniques (CAATs) to facilitate the testing of controls and application of data analytics and business intelligence to detect possibility of frauds and non-compliance to existing standards and expected controls.
- Review and help improve the IT risk management framework in the organization including identification of current and emerging risks.
- Special Investigations and assignments:
- Perform special investigations and projects as assigned including assisting in regulatory audits related to information security and fraud investigation.
- Design specialized audit tools and conduct relevant training.
- Participate on any other tasks that may be assigned from time to time.
Qualifications, Skills and Experience:
- The applicant must hold a Bachelor’s degree in Business Computing, Computer Science, Information Technology, Management Information Systems, Information Security or a related discipline.
- A minimum of five years of experience in Information Technology (IT) or Information Systems Audit and Advisory.
- Technical professional certification required (CISA, CISSP, CISM or CRISC). CPA, ACCA or CIA (Certified Internal Auditor) a plus.
- Knowledge of COBIT and best IT industry practices.
- Extensive engagement experience with management at middle and senior level
- The ability to design and execute data analytics tests to support business process audits.
- Exposure to various computer assisted audit techniques (CAATs)
- Must have good working knowledge of computerized accounting systems preferably, Sun system accounting, Sun flow Procurement, Sage HRIS platforms, Microsoft Project, Online Banking, document management systems, etc.
- Good track record in IT audits, other internal audits, computerized risk management models and continuous process improvement projects.
- Notable level familiarity with various IT platforms, operating systems and information security.
- Experience in terms of assisting with the development and/or improvement of IT audit methodologies.
- Ability to plan, perform, document and report on audits.
- Experience in dealing with people from diverse cultures and backgrounds.
- Knowledge of French or Portuguese would be an added advantage.
- Good communication, quantitative and presentation skills.
- Will be expected to operate with considerable independence within the scope of their assignments
- Should have a wide degree of creativity and latitude, in addition to well-developed interpersonal and leadership skills.
How to Apply:
All interested candidates should submit their Application letters detailing their experiences and skills, curriculum vitae, copies of relevant academic documents and 3 references online to: The Human Resource Office, African Field Epidemiology Network (AFENET) via sec@afenet.net.
NB: ONLY successful candidates shall be contacted for an interview.
Deadline: 29th March 2019
: List of Current Job Vacancies / Opportunities in Uganda