Senior Auditor – ICT (FMG/AS 3)

JOB PURPOSE:

Under the direction and management of the Audit Manager – ICT (FMG/AS 4), the Senior Auditor – ICT (FMG/AS 3) is responsible for assessing risks and controls in Information and Communication Technology (ICT) environments and documents and evaluates the impact of those risks and controls to the MoAFM’s and subjects’ business objectives. The position provides technical expertise to ICT audits and ICT advice and support to performance and financial audits. Additionally, the position works collaboratively with other auditors in execution of major assessments providing audit consultancy and coaching to junior auditors. 

KEY OUTPUTS

• ICT Audits conducted 
• Working papers completed, reviewed and submitted 
• Risk-based audit work programmes and audit reports prepared 
• Pre-audits conducted and supervised 
• Team members peered reviewed and coached 
• ICT Audit documentation secured 
• Technical advice provided 
• Annual/Quarterly/Monthly performance reports prepared 
• Individual work plans developed 

KEY RESPONSIBILITY AREAS

Management/Administrative Responsibilities 

• Develops Individual Work Plans based on alignment to the overall plan for the section.
• Participates in meetings, seminars, workshops and conferences as required.
• Prepares reports and programme documents as required. 
• Maintains customer service principles, standards and measurements. 

Technical 

• Assists in all phases of an ICT audit planning by defining the audit objectives, scope, criteria, identifying required resources and timeframes to complete the audit.
• Prepares Risk-based audit work programmes and audit reports for assignments with intermediate to advanced complexities for ICT operations. 
• Applies knowledge of the principles, procedures and practices of accounting, financial records/record keeping and general audit practices to the audit process. 
• Evaluates whether the systems of internal control are in conformance with stipulated guidelines and regulations. 
• Analyses the MoAFM’s and its subjects ICT environment in terms of risks and controls and determining appropriate audit procedures for assigned projects. 
• Conducts ICT performance audits and assessments to evaluate risks and controls in the auditee’s computing environment combined with business processes. 
• Applies knowledge of auditing in areas such as: ICT governance, ICT security policies and procedures, ICT strategic planning, systems development, system access, change management, business continuity, and project management. 
• Conducts general computer and application controls assessment and design appropriate tests of controls in relation to financial reporting and business processes. 
• Ensures compliance with the FAA Act (Instructions), Audit Standards and Departmental Rules and Regulations.
• Develops Audit programmes and testing procedures relevant to risk and test objectives in the execution audit engagement Field work. 
• Ensures adherence to all applicable Divisional and professional standards.
• Checks and supervises assigned financial statements according to defined procedures.
• Conducts and supervises pre-audit functions and activities involving the assessment of leave and pension calculations, resignations, gratuity payments, and mandatory yearly pre audits of all salary and payment vouchers in accordance with the FAA Act and Instructions.
• Communicate assigned tasks to Auditors in a manner that is clear and concise ensuring high quality, accurate and efficient results. 
• Leads audit team in the field on engagements, providing guidance and overall review of deliverables. 
• Identifies and communicates issues raised, offer recommended solutions relevant to business and risk. 
• Ensures that Audit conclusions are evidenced-based and a complete understanding of the process, circumstances and risk. 
• Maintains effective working relations with internal and external stakeholders and clients ensuring that service delivery is consistently at a high standard. 
• Prepares working papers and draft audit reports for review by the Audit Manager.
• Prepares and presents reports on any deviations and or departure from the approved system; and recommend changes to realize a more effective internal control system.
• Secures and maintains confidentiality of audit working papers and related documentation.
• Attend related meetings to present audit findings and results as required.
• Prepares internal reports for the Audit Manager and the Audit Manager as required.
• Keeps abreast of emerging audit principles, procedures and practices/guidelines to ensure adherence to international standards and competitiveness. 

Human Resources Responsibilities 

• Contributes to and maintains a system that fosters a culture of teamwork, employee empowerment and commitment to the Unit’s and organization’s goals; 
• Assists with the preparation and conducts presentations on role of Unit for the Orientation and Onboarding programme. 

Other Responsibilities 

• Performs any other related duties assigned by the CAE/Audit Manager. 

PERFORMANCE STANDARDS

• ICT Audits conducted in keeping with industry standards, GOJ guidelines and timeframes.
• Working papers completed, reviewed and submitted in accordance with agreed standards and timeframes. 
• Risk-based audit work programmes and audit reports prepared in accordance with the MoAFM’s risk profile, priorities and agreed timeframes. 
• Pre-audits conducted and supervised in keeping with professional standards and timeframes. 
• Team members peered reviewed and coached in keeping with professional standards and timeframes. 
• ICT Audit documentation kept secured in accordance with Records and Information Management Policies and Guidelines. 
• Technical advice provided are evidence-based and timely. 
• Annual/Quarterly/Monthly performance reports are prepared in accordance with agreed format, are accurate and submitted on time. 
• Individual Work Plans developed in conformity to established standards and within agreed timeframes.
• Confidentiality, integrity and professionalism displayed in the delivery of duties and interaction with staff. 

INTERNAL AND EXTERNAL CONTACTS

Internal Contacts 

• Chief Audit Executive Audit Manager 
  • Provide advice and contribute to decision making; 
  • Identify emerging issues/risks and their implications, and propose solutions; 
  • Receive guidance and provide regular updates on key projects issues and priorities.
• Executive Management/Divisions 
  • Provide expert advice on Internal Audit;
  • Report and provide updates on Internal Audit Interventions; 
  • Request response to audit queries.
• General Staff 
  • To exchange Internal Audit information 

External Contacts

• Ministries/Departments/Agencies 
  • Establish professional networks and relationships to maintain currency of issues, share ideas and learnings, and collaborate on common responses to emerging and/or developing public policy issues;
• Internal Audit Directorate - MoFPS 
  • Establish professional networks and relationships to maintain currency of issues, share ideas and learnings, and collaborate on common responses to emerging and/or developing Internal Audit issues; 
  • Receive training on new Internal Audit policies, programmes, standards, procedures, etc.; as well as refresher training.
• Auditor General’s Department 
  • Establish professional networks and relationships to maintain currency of issues, share ideas and learnings, and collaborate on common responses to emerging and/or developing Internal Audit issues;
• Integrity Commission 
  • Establish professional networks and relationships to maintain currency of issues, share ideas and learnings, and collaborate on common responses to emerging and/or developing Internal Audit issues;
• Other Stakeholders, example: Professional Bodies, Academia, etc. 
  • Foster effective proactive relationships with other stakeholders, in particular community and/or industry groups for whom Internal Audit impacts are most critical.

REQUIRED COMPETENCIES

Core 

• Excellent oral and written communication skills 
• Good interpersonal skills 
• Strong customer relations skills 
• Team work and cooperation 
• Good problem solving and conflict management skills 
• Strong leadership and management skills 
• Excellent planning and organizing skills 
• Managing external partners 

Technical 

• Good knowledge of Audit Principles and Techniques. 
• Good knowledge of: 
  • ICT governance, security, operations, and control frameworks and standards (e.g., COBIT, ISO, PCI, ITIL) 
  • ICT strategic planning (including alignment with objectives, tactical planning, performance measurement) 
  • ICT risk management processes (e.g., enterprise risk management, threat risk assessments) 
  • ICT policies, standards, guidelines, and procedures 
  • Data classification standards, guidelines, and processes 
  • ICT service level management practices 
• Good knowledge of the Government of Jamaica’s Accounting and Audit standards.
• Good knowledge of Accounting Principles and Practices. 
• Knowledge of GOJ ICT systems. 
• Knowledge of the Public Finance Legal Framework and Public Finance Management Reforms. 
• Good understanding of the public expenditure policy environment and the goals.
• Good knowledge of policy monitoring and evaluation frameworks.
• Strong ability to synthesize multiple ideas and complex information into a coherent summary, as in reports and briefing notes, and to make cogent recommendations for the modification or creation of legislation, policies and programmes. 
• Good verbal and written communication skills, with the ability to deliver presentation with tact, clarity, enthusiasm and accuracy to widely varied audiences. 
• A high level of initiative and self-motivation. 
• Demonstrated interpersonal and negotiation skills. 
• Aptitude for developing and maintaining collaborative relations with team members both within and outside the Ministry. 
• Familiarity with procedures, policies and legislation governing the machinery of government. 
• Knowledge of the Government processes, including policy development, financial planning, performance management systems and basic theories, principles and methods of analysis. 
• Knowledge of computerized systems and software, with an emphasis on the MS Office suite and projects. 
• Knowledge of computerized systems and software, with an emphasis on the MS Office suite, projects and Teammate. 

MINIMUM REQUIRED EDUCATION AND EXPERIENCES

• Bachelor’s Degree in Finance, Accounting, Management Studies, Public Sector Management, Public/Business Administration, or a related discipline, OR Association of Certified Chartered Accountant (ACCA) Level 2. 
• Certified Information Systems Auditor (CISA) designation, or other audit designation (eg. CIA). 
• Four (4) years’ Auditing experience in Private or Public Sector at an Intermediate Level.

OR 

• Associate of Science Degree in Accounting from the Management Institute for National Development along with the completion of the revised certificate in Government Accounting Course. 
• Certified Information Systems Auditor (CISA) designation, or other audit designation (eg. CIA). 
• Six (6) years’ Auditing experience in Private or Public Sector at an Intermediate Level. 

SPECIAL CONDITIONS ASSOCIATED WITH THE JOB

• Work will be conducted in an office outfitted with standard office equipment and specialized software. The environment is fast paced with on-going interactions with critical stakeholders and meeting tight deadlines which will result in high degrees of pressure, on occasions. May be required to travel locally and internationally to attend conferences, seminars and meetings. 

AUTHORITY 

• Prepares working papers and draft audit reports. 
• Engages a range of related stakeholders.

Please note that only shortlisted applicants will be contacted.