Senior IT Auditor: IT & Application Controls

What will you do?

A position as a Senior Auditor exists within Group Internal Audit: Santam Corporate Services, based in the Cape Town office.

To conduct various types of assurance and consulting reviews with the primary focus on IT and Application Control audits across the Santam Group (Santam Ltd, subsidiaries, brokers, portfolio managers, underwriting agencies and partners). This will be done in accordance with the annual audit plan approved by Santam’s Audit Committee and conducted in terms of International Standards for the Professional Practice of Internal Audit. The role requires someone with strong IT skills as well as the ability to engage the IT and IS personnel and be comfortable engaging on concepts related to application and database architectures & infrastructure as well as complex business processes. The role also requires a person who can apply our risk-based methodology, as well as lead and manage multiple audit assignments and work independently. 

What will make you successful in this role?

• To conduct risk-based technology focused (IT) audit assignments ultimately to contribute to delivering on the internal audit plan approved by Santam’s Group Audit Committee. This could include general computer control reviews, application control reviews and reviews of IT controls within the various business processes such as application and data interfaces as well as pre and post-implementation reviews with a focus on application controls.
• Assignment work entails assignment planning, execution, reporting and audit follow up work (where applicable) including the following activities:
  • Performing risk and control assessments;
  • Developing, executing and in some cases, reviewing audit procedures;
  • Preparing audit findings and unpacking root causes with management;
  • Compiling an audit report and workshopping practical action plans with various levels of management which will support the achievement of the Santam Group’s and our business partners strategic and financial objectives;
  • Ensuring that audit work is documented on GIA’s audit software tool and adheres to the required quality standards; and
  • Ensuring that audit work is completed within time and cost budgets.
• Assist in reporting to various audit, risk & related committees.
• Provide input into annual audit planning.
• Follow up on audit issues raised and provide input into the reports to the audit committee and other relevant governance structures.
• Maintain quality standards in terms of the audit methodology, approach and documentation.
• Supporting and mentoring junior / trainee auditors.
• Client relationship management with internal Santam stakeholders as well as external stakeholders, with a focus on Information Security functions.
• Championing Internal Audit’s role in the organisation by serving as GIA’s representative at relevant, key Santam forums.
• National travelling to Santam offices and partners may be required.

Qualification and Experience

• A relevant qualification (Diploma, Bachelors or Honours degree) in science, commerce, engineering, technology, information systems, informatics or similar. 
• More than 4 years’ experience in an audit/ consulting/ risk management/ governance or similar operations function and demonstrable exposure as per the job description.
• Experienced in performing IT general, application controls and similar types of audits across a range of environments.
• Solid understanding of traditional business processes and how they interact at an application and database level.
• An advanced understanding of internal audit disciplines, methodologies and practices.
• Experience in the insurance industry is preferred.
• Progress towards or completed CISA, CRISC, or similar.
• Good understanding of relevant security and control frameworks such as COBIT, ITIL, COSO, OWASP, CIS & similar frameworks.
• Experience with industry leading audit software packages would be advantageous.

Skills

• Very strong numerical, analytical and conceptual skills 
• Analytical ability and logical reasoning
• Understanding of key controls and risk management principles
• Strong time management
• Excellent interpersonal, communication and networking skills
• Relationship management (Strong client service orientation)
• Facilitation skills and ability to influence individuals, groups and teams
• Strong verbal and written communication skills
• Conflict management and negotiation skills
• Ability to work effectively in a team as well as by yourself

Core Competencies

About The Company

Santam is the leading short-term insurer in South Africa.  Along with its subsidiaries, the business transacts all classes of short-term insurance. Santam is a large, diversified, and transforming company and our success is rooted in our passion for our clients. Everything we do is centered on our delivery of insurance good and proper.