Manager. Information Systems Audits & Risk

Reporting to the Head. Internal Audit & Corporate Compliance, the ideal candidate will be responsible for planning and leading the audit team in the execution of Information Systems (IS) audits including review of systems acquisition processes and post implementation reviews. He/she will be required to review the risk management and IS security considerations in the design, implementation, and operation of various Information Systems as well as supporting the automation initiatives within Internal Audit – development and implementation of ACL robotics

Principle Accountabilities:

  • Plan annual and ad hoc IS audits in liaison with Head of Internal Audit.
  • Prepare detailed IS audit programs for internal auditors involved in the audit of any IS application and processes dependent on such IS applications.
  • Plan audit activities to ensure reliability and integrity of information and effective use of computer resources and compliance with contract, standards and policies.
  • Ensure that clear audit trails are established and tested in all IS applications.
  • Carry out IS audits within the group to mitigate risks in the IS environment and ensure optimal use of resources.
  • Communicate emerging technology changes and challenges in IS and train the audit team to effectively adopt and adapt to the changes.
  • Train and equip internal auditors to ensure increased awareness of IS risks and opportunities.
  • Participate in acquisition, implementation, and sign-off of IS projects.
  • Assist in extraction and analysis of data using CAATs to improve auditors’ efficiency.
    Develop ACL scripts.
  • Review audit working papers to ensure adequate coverage of IS risk/opportunities.
  • Follow up audit recommendations to ensure timely implementation.
  • Prepare focused and value adding reports on IS risks and opportunities.
  • Review and evaluate disaster recovery/business continuity plans.
  • Review, evaluate and test application controls and make recommendations to enhance their effectiveness.

Knowledge, Skills and experience:

  • Bachelor’s degree in Computer Science, Information Technology, Statistics, or any other Business/IT related field.
  • Professional Certification in CISA. Galvanize certification will be an added advantage.
  • Minimum of 5 years’ working experience in IT/ Accounting/ Auditing, in a busy commercial environment or professional firm including at least 2 years’ experience in advanced data analytics within diverse IT environment.
  • Experience of using a data analytics software e.g., ACL, CaseWare IDEA.
  • Knowledge of IS standards and current CAATTs trends.
  • Demonstrable knowledge in risk management.
  • Working knowledge in enterprise resource planning (ERP) computer systems.
  • Skilled in negotiation and conflict management to resolve problems that may arise during an audit.
  • Excellent oral and written skills; a strong verbal communicator, analytical writer and able to clearly and concisely
  • convey personal observations of processes, risks and controls.
  • Excellent analytical ability both qualitative and quantitative to draw sound conclusions coupled with demonstrated knowledge and proper application of sampling techniques.
  • Excellent attention to details and organizational skills.
  • Must be a person of unquestionable integrity.
    Behavioural Competences:
  • Analytical thinking
  • Concern for order and quality
  • Initiative
  • Teamwork and cooperation


Click “APPLY FOR JOB” button above to apply for this job.

About Kenya Airways

Kenya Airways, the leading African airline flying to more African destinations than any other carrier, takes pride in being at the forefront of connecting Africa to the world and the World to Africa through its hub Nairobi Jomo Kenyatta International Airport.