Senior IT Auditor
*Position location to be within Africa (Zimbabwe, Uganda or Ghana) or within the Latin America/Caribbean region where WVI is registered to operate.
PURPOSE OF POSITION:
This position will be a lead internal technical consultant and advisor to management on the assessment of internal controls related to information technology (IT). The person in this position is responsible for conducting, leading and, or advising on information systems audit work throughout World Vision International Offices including audits of complex computer applications and technological solutions. The incumbent operates with considerable independence within the scope of their assignments. This role interacts regularly with IT personnel at the executive level, necessitating a wide degree of creativity and latitude, in addition to well-developed interpersonal and leadership skills.
IT Audit Engagement - Engagement Planning, Execution and Reporting:
Effectively complete audit planning, fieldwork, and reporting for information technology, information security, system and integrated audit engagements. Assess business / technology risks and the related controls and then provide practical, value-added recommendation.
Prepare audit reports that accurately summarize the most significant control weaknesses and resulting impacts to the Organization. Analyze evidence gathered and communicate findings and recommendations to appropriate management Directors through oral briefings during the Exit Conference and written reports. These work is performed independently in the most cases.
Audit Planning and Follow-up:
Lead or function as a team member to plan and implement IT audits based upon an understanding of the critical IT controls within the core process/area under review at the Partnership in accordance with IIA, and ISACA related Standards and complete the GRC audit templates to assess and evaluate the IT risk universe.
Follow-up with key business owners (directors responsible for audited systems, projects or programs) to ensure that any outstanding audit recommendations are implemented.
Assist GC audit teams, RIATs (Regional Internal Audit Teams) and other National Office based auditors in performing IT application reviews; provide training, guidance and assistance in developing and deploying automated audit testing using relevant CAATs (Computer Aided Auditing Tools/Techniques).
Provide leadership, including in the area of Christian commitment and spiritual development, and train and monitor the quality of IT audit work to ensure compliance with ISACA and IIA Standards, WVI's IT policies and regulations.
Collaboration, Advisory Services and Networking:
Build effective relationship with business partners like Information Security, IT Solutions, Infrastructure and Enterprise Architecture; sister functions like Enterprise Risk Management and Compliance; and regional IT management to stay abreast of activities within IT for consideration of risk assessment, audit scoping and planning.
Networking with Project Managers and Executive Sponsors of key business systems like Horizon, SunSystems, Provision, Concur and Our People to identify areas of advisory and assurance review services.
Carry out advisory reviews for major Information Technology related systems, projects and innovations in order to minimize risk and enable achievement of the Partnership strategic goals.
Perform special projects as assigned by the GC IT Audit Director including assisting in regulatory audits related to information security, special requests from senior leadership or ARC (Audit and Risk Committee), IT fraud investigation, design specialized audit tools using technology, conducting training and other tasks as assigned.
Maintain Continuing Professional Education (CPE) by attending online courses or professional seminars and trainings. The incumbent should maintain a minimum of 40 CPE credits per year.
KNOWLEDGE,SKILLS & ABILITIES:
Master's degree in management information systems, finance, accounting or related discipline.
At least 5 years of audit, accounting, IT Audit within COBIT/CISSP/ITIL or related experience.
Technical professional certification required (CISA, CISSP, or MS SQL Server). CPA (Certified Public Accountant) or CIA (Certified Internal Auditor) a plus.
Ability to develop and manage relationships with different management levels within the organization.
Ability to travel up to 40% of the time to international locations.
Experience analyzing data and coding with specialized tools (MS SQL Server, ACL, SAS).
Proficiency with Microsoft Office applications, including Word, Excel, Access and PowerPoint.
Fluent in English.
Knowledge of French, Portuguese or Spanish is an added advantage.
CISA - Certified Information Systems Auditor.
CPA, CMA or CIA a plus.
Excellent oral and written communication skills.
Strategic thinker with advanced analytical and problem-solving skills.
Strong project management skills.
Strong interpersonal skills, including the ability to influence others and establish credibility with business partners.
Working knowledge in the areas of: financial applications, Windows operating systems, application development lifecycle, data center operations, network security audits, internet and related technologies, general network technologies, mainframe and mid-range computing, ERP Systems, databases, familiarity with IT audit tools.
The ability to work independently, with minimal direction and guidance.
The position requires ability and willingness to travel domestically and internationally up to 40% of the time.
This role involves working in a virtual /geographically dispersed / multi-culturally team.