Manager, Internal Audit – Cyber Security, Technology and Data Analytics at Absa Bank Limited

Job Description

(adsbygoogle = window.adsbygoogle || []).push({});

Absa Bank Limited (Absa) is a wholly owned subsidiary of Barclays Africa Group Limited. Absa offers personal and business banking, credit cards, corporate and investment banking, wealth and investment management as well as bancassurance.

Job Summary

To plan, manage and monitor the implementation of management information systems (MIS) activities and processes in order to deliver on approved operational plans in an effective and efficient manner.

Job Purpose:

Internal Audit purpose is to provide reliable, valued assurance to the Board and Executive Management over the effectiveness of controls mitigating current and evolving high risks and in so doing enhancing the controls culture within the Group. IA provides independent assurance to the Group CEO, Board Audit Committee and internal stakeholders, as well as certain external stakeholders (typically external auditors and regulators). The core responsibility of an auditor within Absa is to execute audit assignments in accordance with the Group Audit Plan and relevant policies, procedures, and quality standards.

 Key Accountabilities

Audit Delivery and Issue Assurance

Develop an in-depth knowledge of the methodology, by attending training sessions and using knowledge gained during audits, use this proactively in executing audit activities.  Deliver audit work assigned by the Senior Manager Internal Audit, Technology to a high quality and in accordance with the requirements of the Quality Assurance scorecard. Assist the Senior Manager Internal Audit, Technology with planning and execution of Design Effectiveness and Operating Effectives Testing, uniformly applying the methodology and quality standards, focusing the work on key risks, with minimum supervision from the Senior Manager Internal Audit, Technology. Develop and maintain relationships with key audit contacts on each audit by attending continuous stakeholder meetings. In addition, engage closely with stakeholders during assignments and encourage open discussion and interaction with business on the risks relevant to their environment. Engage proactively with Absa Internal Audit colleagues, during assignments and work collaboratively with the relevant technical team to deliver audit work.  Provide guidance to other auditors and peers by sharing business knowledge, and best practice so that audit work meets and sometimes exceeds quality standards.  Support the Senior Manager Internal Audit, Technology in the identification of risks to be tested by participating in audit planning sessions.  Develop an in-depth knowledge of Absa and the various business areas and use this knowledge to assess risks and controls through identifying, assessing, and documenting risks and controls within the relevant business processes. Evaluate the design and operating effectiveness of controls and document all working papers using the Internal Audit tool for review by the Senior Manager Internal Audit, Technology. Ensure all audit observations and planned actions are factually agreed with management as soon as they arise to ensure timely delivery and issuing of the audit reports. Provide suggestions to stakeholder management on how they can address the control issues identified. Document all working papers in line with methodology requirements. The working papers must be accurate, reflective of work performed and support conclusions drawn. Display professional scepticism, raising and discussing contentious observations with management and provide evidence to support all issues identified. On an ongoing basis throughout the audit, discuss and agree the factual accuracy of audit observations with the Senior Manager Internal Audit, Technology. Provide feedback to the Senior Manager Internal Audit, Technology and audit team with progress and observations raised during the audit by communicating honestly, frequently and effectively. Build and maintain good working relationships with fellow auditors. Participate fully and be supportive in all audits by helping the team where required. Be receptive to learn and seek opportunities to share acquired knowledge with colleagues Continue to update awareness of risk issues and changes across selected business units from interaction with management and provide feedback to the Senior Manager Internal Audit, Technology. Assist in the induction of new joiners, mentoring less experienced team members.  Proactively take on additional tasks as requested by the Senior Manager Internal Audit, Technology – which may include managing Issue Assurance and production of team Management Information. Perform Issue Assurance testing and documenting of the working papers in accordance with the requirements of the Methodology. Ensure awareness of available tools and demonstrate competence in ability to utilise digital tools during audits and use of data analytics in all audits able to use data analytics, where possible.

Accountability: Knowledge Management

Improve technical knowledge through self-learning or training including mandatory Continuous Professional Education requirements. Share knowledge with AIA colleagues and peers in the business. Develop and enhance learning through seeking coaching, training and continual feedback Coach new joiners and trainees on how to apply the methodology. In addition, to proactively share knowledge of within the team, leading a session at a team meeting. Build knowledge of business and culture in business units as assigned by the Senior Manager Internal Audit, Technology Knowledge of key regulations, including FIC, KYC and AML, Sanctions, for business areas / locations within remit

Accountability: Reporting

Prepare audit observations and make sure that they are concise, factually accurate and cover all of the significant issues. The observations must be insightful, address the root causes, and have agreed actions that fully mitigate the risk. Assist the Senior Manager Internal Audit, Technology where required, in the drafting of the audit report in line with methodology requirements and as per the requirements of the Balanced Scorecard. Assist in compilation of various governance reporting pack and ongoing business monitoring that impacts overall risk profile of the BU/Function business. This includes attending relevant governance committees where applicable and document the business monitoring workpaper accordingly.

Accountability: Relationship management

Develop and maintain relationships with accountable management on each audit. Present effectively at stakeholder meetings and forums (e.g.: Risk and Governance forums) to share knowledge and information including methodology, standards, changes and new developments with business stakeholders on an ongoing basis.

Risk and Control responsibilities:

Understand and adhere to the appropriate Absa Policies and Standards applicable to the role. Understand and manage risks and risk events (incidents) in the role thereby contributing to the adherence to the Absa Risk and Control Framework. Complete all mandatory training as required.

Requirements

Preferred Qualification

B Degree (Computer Science, Information Technology, Cyber Security, Informatics, Statistics or similar technology-related field); and/or Honours (Computer Science, Information Technology, Cyber Security, Informatics, Statistics or similar technology-related field) CISA or CISM, CISSP or equivalent certification. CIA (Levels 1,2 or 3) and CPA (T) or ACCA will be an advantage

Preferred Experience

Audit roles – experience in risk-based auditing or risk/control activities. Relevant professional qualifications (e.g. CISA) Practical understanding of relevant regulatory environment Proven track record of high performance in previous roles Experience in auditing at senior level for at least 5 years

Knowledge and Skills

Minimum of 4 years’ experience in Internal/External audit or commensurate experience in a major financial institution 2 years’ experience in Risk Based Auditing or Risk/Control activities