Duties & Responsibilities

• Performing risk based systems audits for Kenya Red Cross Society’s humanitarian and commercial activities.
• Assist in conducting organization wide risk assessments covering the entire audit universe (including information systems).
• As part of the internal audit plan, responsible for execution of information systems audits (core IS Audit). Provide IT audit support to the financial audit team to ensure the overall opinion incorporates the risks identified in the underlying systems.(e.g. during the internal audit teams review of procurement process, the Auditor will  review the system controls specific to procure to pay).
• Conduct special audits as required to identify potential fraud and recommend appropriate preventative controls.
• Assist the internal audit team in executing extensive data mining from the systems within the audit universe, development of data interrogation tests and conducting data analysis using CAATs – Be the Data Analysis Single Point of Contact (SPOC).
• Assist in the follow-up of recommendations made in both internal and external audit reports.
• Participate in multidisciplinary teams to develop, implement and evaluate strategic management plans to improve organisational effectiveness.
• Participate in the assessment of staff performance in order to ensure that individual and team performance is continuously monitored and measured against realistic but challenging targets.
• Regularly review effectiveness of general information systems and applications controls for the organisation.
• Pre go live assurance reviews -As part of the project team, assist in risk identification, execute risk based reviews  and recommend controls to the project manager that  should be incorporated within the system to mitigate identified risks.
• Assess training needs as well as develop and implement on-the-job training programmes aimed at equipping staff with knowledge and skills in internal audit control, ethical business conduct as well as integrity and accountability of funds.
• Prepare periodic audit reports, showing findings and making appropriate recommendations.

• Bachelor’s degree in finance, business administration, commerce, economics or equivalent qualifications plus professional accounting qualifications such as CPA as well as membership to a relevant professional body.
• Three (3) years relevant professional experience in the areas of accounting or audit gained in a large organisation.
• CISA qualified with at least two (2) years’ experience in information systems and/or information systems auditing.
• Holders of Certified Information Security Manager (CISM) or CISSP (Certified Information Systems Security Professional) will have an added advantage.
• Experience in use of CAATs e.g. Audit Command Language (ACL) or IDEA a must.

• Broad knowledge of principles, procedures, and best practices involving information systems and accounting systems.
• Demonstrate knowledge of audit procedures, including planning, audit techniques, testing and sampling methods typically involved in conducting audits.
• Broad knowledge and solid understanding of the fundamentals of internal control systems and the ability to properly execute audits designed to test these controls.
• Interpret and apply management policies and procedures, rules, regulations and government directives issued to public sector organisations.
• Proficiency in use of CAATs, databases, word-processing, and presentation applications, and experience working with large and complex data sets.
• Demonstrate ability to communicate clearly and effectively with a variety of constituents within and external to the organisation, both orally and in writing;
• Ability to work independently without supervision.
• Ability to maintain highest integrity on audit, deal with Regional and Branch Governance Committees and government agencies on audit without compromising the objectivity of the internal audit function.
• Ability to monitor project against milestones double-checks the accuracy of information for weaknesses and strive for high quality performance.