Recruitment: Support Office
Job Description – IT Auditor
Role:
Information Technology Auditor
Description:
Develop and implement a multi-year risk based IT Audit Plan as part of the overall
internal audit plan.
Immediate Supervisor:
Group Risk Manager
One Up Manager:
Chief Executive
Subordinates:
0
Cost Centre:
Internal Audit
Grading System:
Paterson
Grading Level:
D2
Minimum Requirements:

NQF 7 qualification in Business, Computer Science, Management Information
Systems or related technical field

CIA and CISA qualification will be beneficial

5 years IT audit experience with relevant broad based business operations
background

Experience in a moderate or large company with a complex information systems
environment with knowledge of control frameworks such as COSO, COBIT and or
ITIL is required

Report writing, time management and administration skills

Knowledge of SAP and Active Retail

Working knowledge of the application of CAAT’s is required
Key Performance Area
Description

IT General Controls
Reviews
Perform IT general controls reviews with focus on adequacy of:
o
System development standards
o
Data center operations and security
o
Database management and security
o
Network administration
o
Overall information security
Application Control
Reviews

Determine the effectiveness of controls over individual application systems
(particularly those running on SAP and Active Retail)
Information Security
Assessments

Ensure that information contained within Cashbuild’s IT system(s) (workstations,
servers and databases) are appropriately secured

Utilise Computer Assisted Audit Techniques to perform:
CAAT’s
Management Information
Preparation and Analysis
o
Data analysis
o
Trend reviews
o
Risk identification
o
Audit planning

Identify Key Performance Areas and related Key Performance Indicators

Perform trend analysis

Present results for management awareness and action
Filename533580803
Effective Date: July 2014
Previous Version: February 2013, i.1.0 change PO
Revision: i.1.1
Process Owner: Chantelle Hattingh
Page 1 of 4
Company Confidential
Recruitment: Support Office
Job Description – IT Auditor
Key Performance Area
IT risk identification and
assessment
Description

Participate in the identification and assessments of IT risks in the company

Plan IT audit assignments

Assist with the planning of Support Office and Operational audit assignments

Taking responsibility for the execution of company’s IT Audit Plan

Taking responsibility of the reporting of IT Audit results in the form of assignment
specific audit reports, and in management information format (Audit Committee
packs)

Provide weekly feedback of internal audit results and progress against plan to
Group Risk Manager in a format that could be presented to Executive Management
(via weekly management focus meetings) and Board (via quarterly audit committee
meetings)

Provide weekly internal audit status update to Group Risk Manager for inclusion in
Group Risk Management communication in CB Mail
IT related advice and
technical assistance to
Internal Audit team

Providing IT related advice and technical assistance to Internal Audit team

Updating the internal audit policies, procedures and guidelines as and when
required (at least once per annum)
Competencies
Description
Audit Planning
Auditing
Report writing
Communication of
internal audit results to
stakeholders
Concern for excellence
Creativity
Communication
Decision making

Work within a team/ individually to meet standards set by others;

Check own work for order, accuracy, quality;

Work towards a standard of excellence for self and others within framework of
existing structure and time boundaries;

Work to improve quality and efficiency of existing systems.

Generate longer term physical & operational solutions, innovations;

Encourage new and original thinking;

Originate new and imaginative ideas and approaches to improve operational
systems in work environment;

Encourage creativity and innovation among subordinates, team, peers and
supervisors.

High levels of communication skills required by position;

Recognise & proactively deal with situations with potential for miscommunication
leading to damaged relationships;

Show conviction & enthusiasm during communication;

Apply communication strategies to ensure inputs from role players are discussed &
acted upon;

Demonstrate an understanding of role player interests;

Display sound experience of communication processes & techniques.

Make decisions that impact department & organisation;

Make decisions within framework of organisation policies;

Take into account legislation & industry standards;
Filename533580803
Effective Date: July 2014
Previous Version: February 2013, i.1.0 change PO
Revision: i.1.1
Process Owner: Chantelle Hattingh
Page 2 of 4
Company Confidential
Recruitment: Support Office
Job Description – IT Auditor
Competencies
Planning
Initiative
Problem solving
Analytical ability
Description

Take into account consequences on operations, department, organisation, &
external environment, as well as external customers;

Make decisions based on logical & abstract thinking;

Make decisions where consequences may not be immediately visible or may only
be visible in 1 - 3 years.

Establish departmental 1 year plan;

Establish time tables and schedules to achieve team/project deadlines;

Budget up to 1 year ahead;

Take into account developments related to production, safety, employees, budgets,
equipment;

Plan in framework of operational/department policies & procedures;

Establish priorities & plan schedules/ activities for team;

Take into account consequences of incorrect planning on team & team objectives.

Engage direct reports, peers and others openly on performance issues in a manner
that shows respect for the individual;

Demonstrate awareness of own impact on others;

Actively seek feedback on own performance, set action plans for improvement;

Coach & provide constructive input to others;

Establish personal goals that drive career plans and goals;

Negotiate time frames, establish realistic deadlines;

Each responsibility is seen as a learning experience toward ultimate goals;

Seek to learn from every experience and individual.

Encourage feedback from superior, peers, team members.

Analyse info within organisation & business processes;

Deal with info that may often seem unrelated to the situation or issue;

Conduct occasional research & development projects;

Benchmark within organisation & with competitors;

Interpret trends that impact organisation up to 5 years;

Identify trends and patterns related to organisation, competitors, financial issues,
resources, business plans, operations, customers, environment;

Take effective action in solving departmental, systemic & organisational problems.

Identify and interpret trends in data

Convert data analysis into meaningful management information

Distinguish between objective related and non-related information
As an Employee of the Company, it would be expected of you to perform all such duties and exercise all such
powers in relation to the business of the Company as may from time to time be requested or assigned to you by
the Company.
It would be expected of you to comply with all policies and procedures of the Company and to abide by all rules
and regulations concerning its Employees.
Filename533580803
Effective Date: July 2014
Previous Version: February 2013, i.1.0 change PO
Revision: i.1.1
Process Owner: Chantelle Hattingh
Page 3 of 4
Company Confidential
Recruitment: Support Office
Job Description – IT Auditor
I agree that this job description conveys an accurate description of this job.
Manager Name
Manager Signature
Date
Employee Name
Employee Signature
Date
Filename533580803
Effective Date: July 2014
Previous Version: February 2013, i.1.0 change PO
Revision: i.1.1
Process Owner: Chantelle Hattingh
Page 4 of 4
Company Confidential