Manager, IT Audit at BOTSWANA TEACHING PROFESSIONALS COUNCIL

Role Purpose

Reporting to Director-Risk and Internal Audit, the successful candidate will be responsible for planning, organising and managing the Council’s information technology audit activities including general IT control and specialist audits such as cyber security assessments and data analytics and monitoring of the adequacy and effectiveness of the Council’s IT control environment.

Key Performance Areas

Availability of an IT Audit coverage plan for approval by the Board.
Successful and complete execution of IT Audit plans to give the Council Management and Board assurance.
Effective internal IT controls.
Detailed IT Audit reports with agreed upon mitigations and related timelines.
A demonstrable reduction of IT risks and losses.

The main duties include but are not limited to:

Manage the day-to-day Information technology audit function of the Council.
Ensure that all Council risk and information technology audit policies and standards of the Council comply with best practice standards.
Act as risk, internal control and quality assurance advisor to the Council’s management and Board and provide effective and appropriate advice in support of the Council’s decision-making process.
Promote governance, ethics, and integrity in all the Council’s dealings.
Liaise with the Risk and compliance function on the Council risks to inform the information technology audit plan.
Develop and implement Information technology audit policies and procedures in line with best practice standards.
Promote the implementation of internal controls to mitigate any compliance risks.
Promote a sound internal control culture and awareness.
Develop of an effective strategy, plan, framework and system for internal control monitoring and reporting.
Promote an internal control knowledge, culture, and skills in the Council.
Facilitate the identification and assessment of risks and the development and implementation of a risk mitigation plan.
Facilitate the monitoring, evaluation and reporting on the implementation of risk mitigation measures, the impact of risk mitigation measures and the effectiveness of internal control mechanisms in place.
Identify and build sound relationships with key intermediaries, stakeholders and partners who can contribute to the development and implementation of the risk and compliance programmes.
Provide reasonable assurance to the Board on the adequacy of systems and processes of internal control through regular reporting to the Registrar and Board (Finance, Audit and Risk Committee), with actionable and constructive plans for risk mitigation.
Identify and work with other audit firms on specialist technology audits such as cyber security assessments.
Manage the execution of outsourced work from sourcing of funds, invitation to tender and monitoring that Terms of References (ToRs) are met.
Develop an information technology audit plan for the review and approval by the Board’s Finance, Audit and Risk Committee.
Formulate audit plan based on the outcome of the preliminary surveys using appropriate audit methodologies and technologies.
Facilitate quality review and assessment of the audit plan.
Ensure that the necessary resources are available to meet the audit plan.
Facilitate the assessment, effectiveness and efficiency of business processes, procedures, and activities.
Identify appropriate audit methodologies that are available, including the use of technology.
Provide input into the enhancement of audit methodologies and technologies.
Carry out audit methodology documentation processes.
Facilitate the execution of strategic, financial, operational (people, process, systems), compliance audits.
Review audit programs, workpapers and reports on an on-going basis and provide guidance where necessary.
Implement and facilitate the control staff assessment process across the Council.
Ensure internal audits are performed in accordance with best practice standards.
Ensure the appropriate review, adequacy, and operating effectiveness of internal control systems.
Follow-up on resolutions of reported audit findings.
Review and finalise audit reports.
Ensure internal control issues raised are followed up until resolution by management.
Present audit reports to the Executive Management and to the Finance, Audit and Risk Committee of the Board. Authorise departmental unit expenditure in accordance with financial policies and budgets.
Manage the departmental unit recruitment, selection, performance management, learning and development, employee relations, talent development, staff welfare and succession planning.
Ensure appropriate departmental unit risk management and internal controls are effectively implemented.

Competencies

Negotiation and persuasion.
Organisational (planning, managing time, prioritising work).
Critical thinking.
Risk oriented.
Assertiveness.
Stakeholder management .
Integrity and Ethics

Qualifications and Experience

A Degree in an IT related field such as Information Systems, Computer Science.
Membership to a relevant professional body and qualification in Information Technology audit such as CISA, CISM.
At least eight (8) years post qualification experience in an IT audit function of which three (3) must have been at management or supervisory level.
Experience establishing information technology audit plans, programs, policies and procedures and supervising IT audit teams.
Operational and technical knowledge of best practice standards in IT Audit.

Interested candidates should submit their cover letter addressed to Manager Human Capital & Administration, detailed curriculum vitae (CV),certified copies of academic certificates and ID to: