Internal Audit Manager (ICT)
Provide independent, reliable, valued, insightful and timely assurance to the Board and Executive Management on the effectiveness of governance, risk management and control over current and evolving ICT risks.
- Assist the country Head of Internal Audit in developing IT audit plan and budget.
- Manage the IT audit projects and costs to ensure audit engagements are executed in line with the approved annual budget.
Internal Business Processes
Provide leadership and deliver internal audit reviews on Information and Communication Technology of the NCBA Bank Tanzania Limited. Specifically:-
- Perform annual ICT audit planning and scoping in line with the bank’s ICT strategy.
- Provide management with guidance on ICT risk management matters, particularly on infrastructure and cyber security concerns.
- Conduct assurance and advisory/consulting reviews of systems, applications and IT processes. Prepare reports of review results to the Head of Internal Audit, Executive Management, Group IT Management, and Board Audit Committees;
- Perform pre- and post- implementation reviews of ICT (governance, business continuity and disaster recovery, general controls and application controls, and cyber security/information security),
- Coordinate the scope and perform ICT reviews with Group ICT audit team, business units, and external security experts (where required).
4. Develop, build & implement tools to analyse data to improve audit efficiency and effectiveness. Ultimately be a source for analytics that IAD colleagues and Management adopt to provide business insights and for continuous auditing purposes
5. Track ICT audits and validate ICT issues to confirm adequacy of issues closure.
6. Conduct continuous business monitoring reviews highlighting significant issues impacting the bank’s ICT environment, and timely suggest solutions to overcome them.
7. Perform independent assessment of ICT risks including identifying areas where the bank should consider additional investment and areas Internal Audit should prioritize.
8. Coordinate external auditors, regulatory examiners and assessors in performing ICT reviews.
9. Monitor whistleblowing process in line with the bank’s whistleblowing policy.
10. Assist in review of Internal Audit policies, procedures, and methodology to promote efficiency in audit execution and provide greater value to the bank.
11. Carrying out other tasks as may be directed from time to time by the Head of Internal Audit
- Understand the needs of clients and perform customer centric audits targeting at improving process efficiency.
- Conduct advisory and consulting audit reviews targeting at customer value addition.
- Build strong relationships and mutual trust with all internal and external stakeholders.
- Timely discuss and agree on the factual accuracy of audit observations with audit clients.
- Produce timely audit reports, and follow-up on timely remediation of audit findings especially those with direct impact to customers.
Learning and Growth
- Embrace continuous learning and professional development.
- Be a change agent and be positive to change.
- 3. Open-minded spirit, receive and implement feedback
- Achieve mandatory 40 hours L&D through E-Learning Courses and classroom training
- Stewardship:-Be passionate about leaving things better than you found them.
Education and Qualifications
- Bachelor degree preferably in Computer Science or Information Systems. Master’s degree is an added advantage.
- Must be qualified as CISA, CISM, CISSP or equivalent.
- At least 3 years’ managerial experience in ICT auditing or ICT risk/control assurance activities preferably in financial services industry, and/ or is from a reputable Audit Firm.
- Relevant knowledge about banking products and services.
- Understanding of multiple technology domains including software development, Windows, database management, networking, SAP, and T24 system (preferred).
- Understanding of information security standards, best practices for securing computer systems, and applicable laws and regulations.
- Practical understanding of regulatory (BOT) guidelines on IT.
- Proven track record of good conduct (values) and high performance in previous role(s).
IT & Software: 5 Years
Banking: 5 Years
Audit: 5 Years