SIHA Network IT System Auditor - Consultant Jobs in Uganda

SIHA Network IT System Auditor - Consultant Jobs in Uganda

Background of Assignment:

Following the move to MS365 in October 2022, the organization customized workflows to create a system in October 2023 that ensures continuity and sustainability of the organization processes. Whereas the system has been adopted in the day-to-day operation ability of the organization, there is a need to have an audit to ensure that the processes are are checked to be sure that they are answering the questions that they were created for.

SIHA is currently seeking the service of a system auditor to evaluate the MS365 efficiency and security measures to ensure the organization’s data protection and integrity. The consultant will be expected to review various aspects like network security, access control, disaster recovery plan, workflow efficiencies and offer recommendations to address any vulnerabilities, weaknesses and compliance issues, if any.

Objectives:

The main objectives of this assignment are:

To ascertain the network security and recommend access control measures across departments

To conduct a full review of the existing MS365 system that SIHA has adopted in its business processes

To have recommendations that will guide how to improve the system in the day-to-day business processes of the organization.

Methodology:

The consultant should adopt the methodology below during the execution of the assignment

Planning: to define the scope of the audit, identify the key risks and objectives, and develop a detailed audit plan. The consultant should also identify the key stakeholders and establish communication channels to ensure that everyone is informed of the audit’s progress.

Risk Assessment: To identify and analyze the risks associated with the IT environment being audited, considering factors such as the organization’s IT policies and procedures, data security, fire wall and compliance.

Testing: To gather evidence to assess the effectiveness of the IT controls in place. This may involve various techniques, such as reviewing documentation, interviewing personnel, and performing technical tests.

Analysis: to review the evidence gathered during the testing phase and compare it to the audit objectives and criteria. The Consultant should identify any gaps or weaknesses in the IT controls and assess the overall effectiveness of the system.

Reporting: Documenting the findings of the audit and making recommendations for improvement. The report should be clear, concise, and provide actionable recommendations that can be used to improve the system and make it hack proof.

Follow-up: The follow-up phase involves monitoring

the implementation of the recommendations and assessing the effectiveness of the changes made. This ensures that the system remains secure and compliant with relevant regulations and standards.

Tasks:

Under the supervision of the Compliance Officer and the operations coordinator, the Consultant will carry out the following functions and produce results:

To gain understanding of the broad design, architecture, and key controls of the MS365 system at SIHA and create a summary analysis and gaps;

To assess the security aspects of the system and identify the gaps and come up with recommendations

Assess the extent to which the existing system is addressing the gaps in the business processes with effectiveness and efficiency.

Have one on one sessions with users to understand the ease of use and adoption of the system interface

Carry out a risk assessment and recommendations with mitigation measures and strategies

Deliverables:

A report detailing the findings from the exercise and recommendations for improvement.

Competencies:

Strong interpersonal skills, communication and diplomatic skills, ability to work in a team.

Openness to change and ability to receive/integrate feedback.

Strong analytical, reporting, and writing abilities.

Excellent public speaking and presentation skills

Required Qualifications and Experience:

Advanced University Degree (Masters) in IT, accounting, finance or related fields or first level degree in combination with a professional certification, i.e., Chartered Accountant, Certified Public

Accountant or Certified Chartered Accountant

Professional certification of CISA (Certified Information Systems Auditor) is a must

Additional professional certifications (CIA, CFE) are desirable

Additional professional certifications in information technology are desirable.

At least 5 years of practical experience in IT audit, preferably in not-for-profit sector.

Expert level knowledge and practical experience in auditing IT governance, security, risk management and management of IT projects.

Knowledge in PeopleSoft applications is a plus. Language skills: Excellent writing, editing and oral communication skills in English

How to Apply

For more information and job application details, see; SIHA Network IT System Auditor - Consultant Jobs in Uganda

Find jobs in Uganda. Jobs - Uganda jobs. Search our career portal & find the latest Ugandan job positions, career opportunities & jobs in Uganda.

Jobs in Uganda - banking jobs, IT jobs, accounting jobs, NGO jobs, business administration, ICT, UN jobs, procurement jobs, education jobs, hospital jobs, human resources jobs, engineering, teaching jobs, and other careers in Uganda.

Find your dream job from 1000s of vacancies in Uganda posted and updated daily - click here!