Occupation Description
Primary Purpose
Manage, define & conduct information systems audit and risk assessment projects which are pertaining to or where the emphasis is on information security assurance, and the quality and progress of these projects, to ensure on time, effective project outcomes
Responsibilities
- Analyse and document information systems audit and risk assessment requirements by liaising with a range of people including the internal audit director and senior management, drawing together information security and assurance needs across a distributed organisation.
- Establish project plans, milestones and deliverables in consultation with the internal audit director, senior management, business users and system owners. Make presentations to audit committee and/or senior management to inform them of the results of information technology audits or risk assessments, and to explain suggested recommendations.
- Coordinate with other audit team leaders to ensure adequate resources are available during various phases of the project. Schedule assigned personnel to specific assignments, taking into consideration both the experience possessed and the developmental training received by the individual(s), as well as the experience required for the assigned task.
- Liaise with team members to ensure that all tasks and deliverables are proceeding according to schedule.
- Direct and supervise security auditors in the discharge of their assigned tasks, and develop staff through broad information technology exposure and specialised security audit training programs.
- Assist in defining project resources, performance reviews and post audit evaluations.
- Build relationships with users, technical staff and management to identify and resolve issues and findings arising from each information systems audit and risk assessment project.
- Provide the project team with accurate information about audit and risk assessment needs and priorities as well as details of the audit program, techniques and tools.
Requirements
- At least 5 years of relevant experience in the planning, development, execution and support of information systems audit or risk assessment projects, and in particular those which are information security in nature, in a range of organisations
- Possess basic to intermediate knowledge and understanding of information security, internal control and audit concepts and technologies
- Degree in Information Systems or equivalent
|
|