South African Forestry Company SOC Ltd (SAFCOL)
Nelspruit, South Africa
Competitive salary
18 Oct 2019
09 Nov 2019
Job role
Role Mandate
To perform ICT and operational audits, including risk management control in order to provide management assurance that the ICT systems are appropriately designed and operating controls are in place. Conduct compliance testing, contribute to operational, compliance, IT audit projects and provide consulting services to management. Identify technology risks and independently evaluate the efficiency, design and effectiveness of information technology controls, including security and internal controls and recommend solutions for weaknesses identified.

Key Accountabilities

- Provide inputs to the Internal Audit Strategy and improvement of the annual Audit Plan.
- Provide inputs on the improvement of audit methodology and approach.
- Plan and execute IT audit projects designed to provide assessment of internal control processes and operational performance.
- Prepare detailed plans for performing individual audits including the identification of key risks and controls, determination of audit objectives and the development of an appropriate audit programme.
- Prepare and review audit work papers and reports and document the result of the reviews and assign activities and recommend management action. Submit to the Senior Audit Manager for review and approval.
- Perform complex audit procedures, including identifying issues, developing criteria, reviewing and analysing evidence and document processes and procedures
- Conduct interviews, review documents, develop and administer surveys, compose summary reports and prepare working papers.
- Assist the Senior Audit Manager in ensuring that the quality standards are adhered to on all assigned projects.
- Undertake financial, non-financial/operational audit reviews as and when required.
- Follow-up on corrective actions by management against audit findings and report progress to the Senior Audit Manager.
- Provide inputs to the development of strategic and operational risk register of the Internal Audit division.
- Implement mitigation action to manage risks.
- Use knowledge of IT environment and industry IT trends to identify potential control issues and risks.
- Prepare preliminary audit reports of findings designed to provide management with an objective assessment of the effectiveness of policies, procedures, systems and controls and provide innovative ideas and practical solutions as recommendations on findings.
- Conduct IT risk and control assessments.
- Provide ad-hoc, monthly and quarterly reports to the Senior Audit Manager.
- Build and maintain productive working relationships with internal and external stakeholders, through various engagements whilst remaining independent.
- Participate in review of internal control and security of systems under development as well as major ICT projects and initiatives by internal stakeholders.
- Provide consulting services to management related to technology platforms, networking, emergency technology, database, IT systems etc.
- Manage external auditors and ensure audit objectives are met.
- Communicate result of audit via written report and oral presentation to management within the agreed period.
- Influence and persuade stakeholders to ensure that the primary goal of providing assurance is met.

Minimum Requirements

- A Bachelor's Degree in Internal Auditing/Computer Science /Information Technology/Audit/Finance / Accounting or related field equivalent to NQF 7)
- Certified Internal Auditor or CISA
- An Honours Degree in in Internal Auditing/Computer Science/Information Technology/Audit/Finance/Accounting or related field equivalent (NQF 8) will be an added advantage
- Certification in Project Management will be an added advantage
- Member of the Information Systems Audit and Control Association (ISACA) or Institute of Internal Auditors (IIA) will be an added advantage
- A minimum of 5 to 8 experience in IT auditing or similar role
- Sound knowledge of IT controls and auditing of IT processes
- Sound knowledge of IT Governance frameworks such as COBIT
- Experience in auditing ERP systems
- Proven understanding of IT and business processes and internal controls.
- Understanding of King IV Code of Corporate Governance
- Sound knowledge and experience in auditing operational policies, procedure and controls
- Understanding of legislation related to State Owned Entities such as the PFMA
- Valid driver's licence
- Willingness to travel