apply today

Post Jobs

Cyber Security Senior Auditor

Full Time

Website Road Accident Fund

The Road Accident Fund is a social security Fund that provides compensation to all drivers of motor vehicles in South Africa in respect of liability incurred or damage caused as a result of a traffic collision. Liability incurred in relation to property damage (such as damage to vehicles, buildings, vehicle contents) is excluded from cover. The Road Accident Fund operates a system whereby the claimant is assigned a percentage of responsibility for the accident, and the Road Accident Fund pays the claimant a percentage of a full settlement based on a percentage that was not deemed to be their responsibility.

Key Performance Areas

 Plan the Implementation of Cyber Security IT Audits

  • Plan and conduct Cyber Security IT audits as per the approved Internal Audit Methodology.
  • Conduct preliminary survey to understand the area to be audited.
  • Arrange meetings with the auditee and discuss areas of concern.
  • Draft the audit planning memorandum and discuss it with the auditee before submitting it for approval.
  • Discuss the planning documents with the auditee after the opening meeting for confirmation of changes that need to be effected.
  • Formulate the audit program based on the outcome of the preliminary survey using appropriate audit methodologies.
  • Address and respond to reviews on all planning documents from the IT Audit Manager.
  • Obtain approval of the audit program as well as all other planning documents (mentioned above) from the IT Audit Manager.

Supervise the Audit Process

  • Provide regular team progress to the IT Audit Manager.
  • Conduct and supervise the audit as per the RACM.
  • Review working papers for completeness and accuracy before submission to the IT Audit Manager.
  • Review preliminary survey work performed by auditors.
  • Review the system descriptions and risk and control gap analysis performed by the internal auditors.
  • Schedule progress meetings with the auditee and discuss factual correctness of potential findings.
  • Refer to management any issues that require immediate action.

Policy Review and Implementation

  • Contribute to the development and implementation of departmental policy, procedures and processes.
  • Keep up to date with effective policy and practice execution strategies.  

Reporting

  • Prepare and submit draft audit report with findings addressing audit objectives and scope to the IT Audit Manager.
  • Address review notes from the IT Audit Manager and capture close-out meeting minutes.
  • Provide assurance and recommend controls to business units in accordance with the relevant laws and regulations and National Treasury frameworks.

Stakeholder Management

  • Facilitate and manage communication with relevant internal and external stakeholders and proactively and progressively manage the relationships.
  • Communicate with all levels of stakeholder contact.

Qualifications and Experience

  • Bachelor’s Degree/ Advanced Diploma in Auditing/ Computer Auditing/ Information Technology related qualification.
  • Registered with the Institute of Internal Auditors and/or ISACA.
  • CISA certification.
  • CISSP/ CRISC/ CISM/ CGEIT will be an added advantage.
  • Relevant 5 – 7 years’ experience in an IT auditing environment with specific experience in Cyber Security with a focus on technical applications and knowledge.
  • Experience in the completion of SAP Basis, General Controls Reviews (GCR’s) as well as Application Controls Reviews (ACR’s), SDLC and Cyber Security Reviews.

    Share on
    Print

    Similar Jobs