Job Description

THE JOB AT A GLANCE
As the IT and Application Controls Internal Auditor, you will report to the Senior Internal Audit Manager. Your responsibilities will include supporting internal audit assignments and delivering the internal audit plan from an IT perspective. Additionally, you will assist and support the department with internal audit administrative matters.
Your role will specifically involve independently coordinating, planning, executing, and reporting on a variety of IT-related audits, such as IT General Controls, Application Controls, IT Disaster Recovery, IT infrastructure, and network-related audit reviews. You will be responsible for reviewing the adequacy and effectiveness of controls implemented by business for all technology and integrated audits and ad-hoc management requests across the RMA footprint in support of strengthening the control environment.
WHAT WILL YOU DO?
Audit Planning and Execution:
Develop and implement detailed audit programs to evaluate the effectiveness of IT controls.
To conduct risk-based technology-focused (IT) audit assignments ultimately to contribute to
delivering on the internal audit plan approved by RMAs Audit Committee.
This includes general computer control reviews, application control reviews and reviews of IT controls within the various business processes such as application and data interfaces as well as pre- and post-implementation reviews with a focus on application controls.
Compliance and Risk Management:
Ensure compliance with relevant regulatory requirements, industry standards, and internal policies (e.g., ISO 27001, ITIL, COBIT and similar frameworks).
Evaluate the organization's risk management processes and recommend enhancements to mitigate identified risks.
Reporting and Communication:
Prepare detailed audit reports, including findings, recommendations, and action plans.
Communicate audit results and recommendations to senior management and other stakeholders.
Collaborate with IT and business units to develop and implement corrective actions and security improvements. Attend and participate in Operational Meetings as required.
Continuous Improvement
Monitor the implementation of audit recommendations and follow up to ensure timely resolution.
Contribute to the development and enhancement of audit methodologies, tools, and processes.
Provide guidance and training to junior auditors and other staff on IT audit techniques.
Perform and ensure high-quality internal audit work as required in terms of the International
Standards for the Professional Practice of Internal Auditing (Standards).
Financial Policies, Guidelines, and Protocols
Develop and deliver financial guidelines and protocols to ensure the company complies with
regulations and good financial practice.
Data Collection and Analysis
Conduct research using primary data sources, and select information needed for the analysis of key themes and trends.
Audit Compliance
Manage a portfolio of audit assignments. Ensure that the team plans and delivers audits that
cover identified risk areas, and that appropriate corrective actions are agreed on with auditees.
Resolve issues arising from audits and refer serious or contentious issues to the audit program leader.
Recommendations
Advise others on how to design new processes and systems that meet professional standards.
Insights and Reporting
Prepare and coordinate the completion of various data and analytics reports.
Operational Compliance
Identify, within the team, instances of noncompliance with the organization's policies and
procedures and/or relevant regulatory codes and codes of conduct, reporting these instances and escalating issues as appropriate.
Document Preparation
Edit document in line with organizational style guidelines and prepare information for publication.
Data Management
Help others get the most out of data management systems by providing support and advice.
Personal Capability Building
Develop own capabilities by participating in assessment and development planning activities as well as formal and informal training and coaching; gain or maintain external professional
accreditation, where relevant, to improve performance and fulfill personal potential.
Maintain an understanding of relevant technology, external regulation, and industry best
practices through ongoing education, attending conferences, and reading specialist media.
WHAT YOU'LL BRING TO THE TABLE?

• Bachelors degree in information technology, or a related field.
• Professional certifications such as Certified Information Systems Auditor (CISA), Certified
• Information Security Manager (CISIM), Certified in Risk and Information Systems Controls (CRISC), or similar.
• Minimum of 5-7 years of experience in IT auditing, experienced in performing IT general,
• application controls, and similar types of audits across a range of environments.
• In-depth knowledge of control frameworks, standards, and best practices (e.g., ISO 27001, ITIL,COBIT).

WHAT WILL YOU GET IN RETURN?
We offer great opportunities for personal and professional development in a stable company thats 130 years strong. The role comes with a competitive salary package and various benefits. Flexible work arrangements (combination of remote and in the office). Furthermore, you will be a part of a dedicated group of colleagues who value teamwork and collaboration.
Turnaround time
The shortlisting process will only start once the application due date has been reached. The time taken to complete this process will depend on how far you progress and the availability of managers. Kindly note that should you not receive a response within 21 days please consider your application unsuccessful.
Our Commitment to transformation:
In accordance with the employment equity plan of Rand Mutual Assurance and its employment equity goals and targets, preference may be given, but is not limited, to candidates from under-represented designated groups.

• Bachelors degree in information technology, or a related field.
• Professional certifications such as Certified Information Systems Auditor (CISA), Certified
• Information Security Manager (CISIM), Certified in Risk and Information Systems Controls (CRISC), or similar.
• Minimum of 5-7 years of experience in IT auditing, experienced in performing IT general,
• application controls, and similar types of audits across a range of environments.
• In-depth knowledge of control frameworks, standards, and best practices (e.g., ISO 27001, ITIL,COBIT).