Operational Planning
- Consider the impact of solutions on other areas of the business, as well as the interdependency of units
- Drive best practice, continuous improvement and innovation at process and procedure level
- Recommend methods, processes and systems to enhance effectiveness and meet organisational goals
- Examine and ascertain the reliability of information systems in terms of input, processing and output
- Ensure that systems comply with statutory regulations, generally accepted accounting principles, adequate financial controls, established company plans and procedures and IIA guidelines for professional internal audit practice
- Audit the development of information systems that are able to detect and report on irregularities to reduce the potential for fraud
- Prepare planning activities for audits, projects and computer system reviews assigned
Operational Implementation
- Perform audits of IT systems and processes to validate the design and operating effectiveness of the following computer control areas:
- Application Controls;
- Logical and Physical Access;
- Change Management/System Development Life Cycle;
- Disaster Recovery Reviews;
- Pre/Post implementation reviews;
- IT Project Management;
- Project Governance;
- IT Risk Management (i.e. Planning and Organisation);
- Data Migration reviews;
- Data Quality Reviews;
- Business Process Mapping reviews;
- Artificial Intelligence;
- IT Acquisition and Implementation; and
- Information technology systems and infrastructures process and control reviews.
- Liaise with External Auditors as required
- Plan and agree the scope and timing of the IT Audit assignments
- Conduct a preliminary survey of the area being audited
- Agree on the audit objectives with client management
- Execute IT Audit Assignments in accordance with the IIA and International Governance Frameworks (i.e. CoBIT, ITIL etc.)
- Report audit findings and make recommendations to improve operations, reduce costs and add value
- Present findings and recommendations concerning programs audited to management
- Coordinate audit activities with data processing and other departments to secure programming and computer time
- Follow-up audit reports to ascertain that action is taken on agreed action plans
- Keep current with audit techniques and principles
- Review and ensure the safety and security of operating information transacted through IT equipment or systems
- Perform or assist in the performance of special reviews at the request of senior management.
- Stay informed about systems activity throughout the Company in order to develop a comprehensive audit plan that helps ensure cost effective internal controls and security is in place, to protect the Company's information assets.
- Prepare and/or review audit work papers to support the audit scope and reports and ensure that they are properly documented and filed for future references.
- Produce and communicate status of audit work with fellow team members and management relative to milestones, open issues and client management acceptance.
- Effectively communicate audit status and issues in kick-off, interim and exit meeting.
- Identify and analyse causes of uneconomic or inefficient practices used in the area of responsibility.
Consulting
- Provide a consulting service to business on effectiveness of controls
- Consult with business clients to improve processes
- Maintain relationship with senior management of assigned functional/business units to provide a value added service.
- Perform risk identification of business operations to assess potential problems or control weaknesses and provide guidance on how to address identified shortcomings on an ad-hoc basis
Reporting
- Assist in identifying and preparing relevant information and data for reporting purposes
- Assist the audit Manager with preparation of reports on audits conducted.
- Evaluate data compiled during audit projects and prepare reports on conditions found
Education:
- 3 year Degree / Diploma in Internal Auditing / Risk Management or related
- Industry related certifications advantageous: preferred CISA, CRISC, CISM or CISSP.
Experience:
- 3 - 5 years Minimum of 3 years’ experience in area of specialisation;
About MTN South Africa
Launched in 1994, MTN South Africa is a subsidiary of MTN Group, a leading emerging market operator with a clear vision to lead the delivery of a bold new digital world to our customers. We are inspired by our belief that everyone deserves the benefits of a modern connected life. The MTN Group is listed on the JSE Securities Exchange in South Africa under the share code ‘MTN’. Our strategy is Ambition 2025: Leading digital solutions for Africa’s progress.