Be responsible for providing independent assurance on the airline’s information systems, specifically on integrity, confidentiality, availability of information as well as providing assurance on information system governance, risk management and controls in place.
Key Responsibilities
Participate in the development of Annual Information System Audit Plan.
Assess the airline’s state of Information System controls, vulnerabilities and identify technology and security risks.
Evaluate the risk, document processes and systems in flowchart and narrative form and design audit programs.
Perform Information System audits across the airline as per the Information System audit plan and in line with Internal Audit methodology, processes, procedures and timeframes.
Provide reports showing areas of governance, risk and control weakness and recommending corrective measures.
Provide assurance that access to electronically stored corporate information is adequately protected and risks appropriately managed.
Review compliance with the airline information technology policy and associated procedures.
Review IT documentation/procedures such as service level agreements, IT contracts, Disaster recovery plan/ Business continuity plan programs, ICT policy.
Continuously review information system parameters and logs to ensure compliance with the Information Security policy and best practice.
Provide Information Systems consultancy services for projects undertaken by the airline during the year, ensuring compliance with best practice.
Support audit teams in the audit of related systems/modules within functions being audited.
Continuously develop and maintain the skills, knowledge and expertise to keep abreast of fast changing information systems threats to make valuable contributions in ensuring system security measures are in place for maximum protection of airline Information assets.
Provide assurance on key ICT layers within the Airline.
Support the audit team in employing data analytics in their day‑to‑day reviews.
Follow‑up on the adoption/implementation of management recommendations and remediation actions.
Guide on emerging operational, legal and regulatory compliance matters.
Facilitate innovation of control automation techniques to minimize compliance cost.
Qualifications
Bachelor’s degree in computer science, Information and Communication Technology or related field from a recognized institution.
Certified Information Systems Auditor (CISA) or equivalent is mandatory; CISM/CIA/CFE/CEH are an added advantage.
Member of Information Systems Audit and Control Association (ISACA).
At least 3 years’ relevant experience in Information Systems Audit.
Relevant Competencies
Ability to work independently, with limited required direction and guidance.
Demonstrable project management skills.
Strong analytical skills.
Ability to employ different tools to conduct data analysis.
Assertive with excellent people‑management skills.
