Job Summary: To examine controls within an IS infrastructure, to collect and evaluate evidence of Bank’s Information System, practices and operations in order to determine if the information systems are safeguarding assets, maintaining data integrity, and operating effectively and efficiently to achieve the Bank's goals and objectives. Duties & Responsibilities:
Conduct Internal IS Audit projects to independently analyze and evaluate the adequacy, effectiveness and efficiency of management control systems, company activities, processes and procedures, which are primarily complex or high risk assessed involving significant operational, financial, management or technical considerations surrounding computerized information systems.
Review and appraise the soundness and adequacy of Information Technology (IT) installation, applications, and operation as a service to management. Measure and evaluate the effectiveness of IS controls, standards, policies, and procedures.
Assist operational audit staff with integrated audits.
Collect, analyze, interpret, and document information as part of preparing complete, effective, and timely IS audit reports.
Actively participate in reviewing the design and development of significant new information systems or applications, and significant changes.
Review general controls of the IS function to determine whether (a) controls have been designed according to management direction and legal requirements; (b) such controls are operating effectively to provide reliability, integrity, and security over the data being processed; and (c) financial management and control is adequate.
Review the application controls of significant installed information systems to assess their reliability in processing data in a timely, accurate, and complete manner.
IS Auditor Qualification: Minimum Bachelors of Computer Sciences/CISA qualified Experience: Minimum (3-4) year related work experience in the field of IS Audit, preferably in the banking sector. Place of Posting: Head Office Islamabad Key Competencies:
Solid understanding of IS concepts.
Strong technical knowledge of network and server operating systems, databases and hardware relevant to environment.
Good Report Writing Skills
Good Communications Skills
Demonstrated experience with personal computers (PCs) and local area network (LAN/wide area network (WAN) theory (e.g., all Windows applications, database retrieval techniques, etc.). Demonstrated ability to make quantitative and analytical assessments for auditing purposes.