Job Title: Information
Hiring Organization: GA
Location – Locality: Nairobi
Location – Region: Kenya
Job Type: Full
Date Posted: 01/25/2024
position is responsible for providing independent assurance on GA Insurance
Limited’s information systems, by ensuring that the risk management procedures,
governance processes, and control mechanisms in place are adequate to safeguard
the Information Systems of the Company at all times.
in the development, execution, and monitoring of the annual information systems
internal audit plan.
assessments of all the business information systems to evaluate controls
adequacy, effectiveness, and efficiency to support business processes.
the adequacy and effectiveness of controls for information systems and
technology processes, including those related to data protection, change
management, and cyber security.
compliance assessments against information security standards, including ISO
27001, NIST Cybersecurity Framework, PCI DSS, and HIPAA guidelines, to ensure
data security, regulatory compliance, risk mitigation, and operational
audit results and recommendations to key stakeholders including management and
business process owners.
with the Technology Services and IT security teams to ensure that appropriate
controls are in place for optimal operational functionality of Information
to date on emerging technology and security vulnerabilities, and threats in the
Information Systems landscape and provide relevant and timely advice to
stakeholders where necessary.
the IT governance documents, strategies, policies, contracts, and procedure
advice in resolving information security incidents.
in ensuring quality in all work delivered including meeting the standards for
working papers, and actively giving insights and supporting the implementation
of corrective actions based on recommendations to audit observations.
support in drafting suitable audit reports highlighting key control weaknesses
as well as non-compliance with procedures, policies, and regulatory
in the preparation of the Board Audit Committee files.
Holder Specifications: Education/ Qualifications:
Bachelor’s Degree in Accounting, Finance, Commerce, Economics, IT or a related
qualification in information systems audit such as Certified Information
Systems Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT),
Certified Information Security Manager (CISM), Certified Internal Auditor (CIA)
is an added advantage.
5 years working experience in a similar role.
of the Institute of Internal Auditors International Professional Practice
of current technological Developments and emerging trends.
in Project Management methodologies and associated controls.
in Report writing.
to observe and understand business processes.
in Governance, Risk Management, and Compliance (GRC) principles and their
application in information systems governance and security.
and experience in the use of CAATs.
of information systems and related technology.
of risk management concepts and principles
in evaluating system backup procedures, disaster recovery capability, and
of software requirements for the auditing of computing systems and procedures.
analytical and organizational & problem-solving skills.
attributes: integrity, dependable, initiative-taking, results-oriented,
creative, and strong interpersonal skills.
to operationalize strategy into action for the function.
communication skills, both verbal & written.
meet the above minimum requirements, send your C.V to email@example.com indicate
the position applied for on the email subject line to be received on or before
2nd February 2024. Only shortlisted candidates will be contacted.