Director, Audit (AUGD AGS 7) IT Security

JOB PURPOSE:

Reporting to the Principal Auditor, the Director, Audit is responsible for the outcomes of the audits of the specified Agencies/Public Bodies under their direction, in keeping with professional standards and enforcing the policy directive of the Auditor General’s Department for the achievement of the goals and objectives. 

KEY OUTPUTS

• Reports prepared and submitted. 
• Working papers prepared and reviewed. 
• Meetings attended. 
• Audit plan prepared. 
• Staff appraised. 
• Assigned section of Draft Annual Report submitted. 

Key Responsibilities

Management and Administration Responsibilities 

• Provide support to Reports in monitoring the operational function of area

Technical/Professional Responsibilities 

• Prepares risk-based IT audit plans in accordance with the Departments Information Technology Audit Manual and ISSAI 5300: Guidelines on IT Audit. 
• Leads general control reviews to assess IT risks and controls related to the governance, information security and business continuity of the relevant Ministries, Departments and Agencies. 
• Reviews and sign-off on working papers for all audits undertaken by assigned officers. 
• Drafts audit reports and queries for review by the Principal Auditor. 
• Meets with Heads of Departments to discuss audit findings and follow-up on responses to audit reports; 
• Participates in the preparation of the annual report; 
• Keeping abreast of changes in information technology, policies, guidelines, audit and international best practices; 
• Attends meetings of the Public Accounts Committee, as required; 
• Represents the Auditor General at conferences, meetings and other fora, as required. 
• Ensures compliance by audit team with standards stipulated in the Auditor General’s Department Audit Manuals.

People Management 

• Provides leadership to staff through effective delegation, communication, coaching, performance management, training, assistance and support, as needed.
• Promotes adherence to the policies, procedures and regulations of the Department
• Assesses direct reports performance at the completion of respective audits.
• Manages the welfare and development of direct reports 
• Provides guidance and on the job training to support staff; 

Other Responsibilities 

• Performs other related duties that may from time to time be assigned. 

PERFORMANCE STANDARDS 

• Information technology audit plans completed in accordance with the established standards. 
• Reports prepared and submitted within established time frame and meet the established standards. 
• Technical guidance provided to staff and reviews notes prepared for direct reports. 
• Direct reports evaluated in keeping within established time frame.
• Adequate tracking of unresolved audit findings and recommendations conducted. 

REQUIRED COMPETENCIES 

• As outlined in the competency framework. 

Qualification/Experience

• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA). 
• Bachelor’s Degree in Information Technology or Computer Science with at least six (6) years’ experience in networking or security.

OR 

• Bachelor’s Degree in Accounting, Business Administration, Finance or Management Studies from an accredited university with at five (5) years’ IT audit experience

OR 

• Successful completion of the CompTIA Security+ certification would be an asset.

Level of Authority

• Recommends leave 
• Recommends disciplinary action. 

Working Conditions 

• Typical office, environment but may occasionally be exposed to adverse working conditions. 
• Occasionally required to travel island wide.

Note: All applications should include the positions being applied for. Late submissions will not be accepted; only shortlisted candidates will be contacted.