Not specified
Job ID: 33656 Location: Lagos Island Job Sector: Banking Job Purpose
This is an internal function which will drive the framework, oversight and monitoring of the controls environment in SIPML.
Work as an internal consultant to IT Department, to manage the Company’s assets through effective IT risk management and control systems with an ultimate aim to mitigate risk in transactions and the IT underlying processes
Mitigate operational risk through a number of controls and monitoring processes.
Manage relationship with stakeholders such as Internal Audit, Compliance, Operational Risk, IT, Business Management, amongst other Business Units within the Company.
Develop relationships in order to maintain / establish efficient and robust operating models across all IT Department.
Expected to build a strong IT control environment to ensure zero level of policy, procedures and regulatory infractions and zero tolerance for control gaps, reviewed / unauthorized transactions and income leakages
Key Responsibilities/Accountabilities Manage Risk and Control Management over IT operations’ effectiveness:
To support the Business and strengthen the IT control environment by introducing new initiatives toward achieving an effective IT control system within the Company.
Perform analysis on IT procedures/processes by reviewing the departmental working manual to identify process gaps and provide value adding recommendations.
Carry out periodic reviews of users & super user/administrator activity logs on the core applications and Active Directory (AD)
Perform review of the change management logs, test reports and attending change management meetings
Manage Logical Access on the company’s applications. This includes creation of users’ account, role modification, disabling of users’ account and password reset.
Perform servers, database and operating system reviews.
Perform periodic restoration and verification of application backup tapes to ascertain the authenticity & integrity of the selected tape and data.
Perform periodic review and monitoring of endpoint security (antivirus, data leakage prevention, etc.)
Conduct periodic review of the Data Centre biometrics access logs to ascertain that only authorized users gained access to the Data Centre and periodic inspection of the Data Centre to ensure that the facility and equipment are properly used and maintained in line
Monitor continuous knowledge development regarding sector’s rules, regulations, best practices, tools, techniques and performance standards:
Process documentation , review & alignment
Continuous review and improvement of work processes within the unit.
Resolution of IT audit issues
Prompt rendition of weekly reports with minimal error
Improved IT control environment through continuous and high level engagement
Satisfactory rating in the Audit reviews and Internal Service Survey (ISS).
Ensure quality and improvement in Business Unit audit and risk assurance reports.
Report to Executive Management & Board Audit Committee:
Conduct follow up audits to monitor management’s interventions
Maintain open communication with management and audit committee
Obtain, analyze and evaluate IT documentations, previous reports, data, flowcharts etc
Manage all Investigations as directed by Senior Management:
Ensure that the company’s core values are adhered.
Provide guidance on acceptable business culture and reputation
Delivers on all business strategies:
Carries out proper engagements for fact finding
Creates awareness on risks and conducts
Recommends appropriate consequence management actions
Relationships Process Owners – Heads of Departments and BUs:
Description or examples:Maintain close contact with all internal stakeholders within the Wealth sectors and GIC
Group – BU heads in Stanbic IBTC Pensions and GIA:
Influence their service delivery
Description or examples:Approval and contribution to Policies
Regulator:
Influence their decision making
Description or examples: Contributes to industry initiatives like training
Customers:
Manage the relationship
Description or examples: Gets customers for the business and assists in managing some and difficult situations
Preferred Qualification and Experience
First Degree Field of Study – Computer Science/Engineering
Other qualifications -Certifications or professional memberships CISA/CRISC/CISM
Advanced /Professional Degree or Professional Qualification in IT Audit/Control is required.
Experience
Independent Assurance – Internal Audit and Controls
Minimum of 2 years IT Governance experience
Information Technology – Internal Audit and Controls
Minimum of 2 years experience
Risk Management,Business Support
Understand IT operations and improve overall experience
Knowledge/Technical Skills/Expertise Audit Process:
The ability to develop control improvements required to mitigate the risks or control failures identified during internal audit reviews.
Control Evaluation:
Knowledge of standards required in managerial and financial auditing, to identify exceptions to control procedures and standards, and develop specific solutions or recommendations.
Investigative Auditing:
The ability to conduct investigations and gather evidence where cases of fraud (internal or external) are reported or suspected.
Risk Management:
The ability to interpret regulations and laws that apply to the business and to provide information to business on how to comply
Apply via :
https://www.myjobmag.com/job/102157/it-control-officer-sipml-stanbic-ibtc