Information Systems Auditor Non-profit Jobs – African Field Epidemiology Network (AFENET)

Organisation: African
Field Epidemiology Network (AFENET)
Duty Station: 
Kampala, Uganda
Reports to:
Director Internal Audit & Risk Management
About US:
The African Field
Epidemiology Network (AFENET) is a not for profit, networking alliance and
service organization that brings together field epidemiology training programs
(FETPs) across Africa working side by side with Ministries of Health, regional
and international partners. AFENET works to strengthen epidemiological and
disease surveillance capabilities of African countries that are critical to
meeting the requirements of the Integrated Disease Surveillance and Response
(IDSR) strategy and the International Health Regulations (IHR).
Job Summary:  The Information Systems Auditor will perform
IT Audits, lead continuous audit initiatives and support with data analytics
needed during audits and investigations. The position will be responsible for
the review of all key information systems and infrastructure within the
organization. The Information Systems Auditor will be responsible for leading,
conducting and advising on all information systems audit work within the
organization including audits of computer applications, information security
and technological solutions at the Secretariat, Regions and country offices.
The Information Systems Auditor will also champion Information Technology (IT)
use within the Internal Audit & Risk Management Department through capacity
building in line with the Internal Audit & Risk Management strategy.
Key Duties and Responsibilities: 
Audit Engagement
(Audit planning, execution and reporting)
  • Facilitate IT risk assessments and provide key input in the risk
    based audit plan by providing key IT risks from the IT risk universe.
  • Develop detailed IT audit work plans, information system and
    application audit programs for specific engagements, audit work papers,
    and IT audit status reports within the organization.
  • Engage with management at the Secretariat, Regions and Countries to
    obtain better understanding of business processes and key risk areas
    affecting strategic goals.
  • Participate in the planning and implementation of IT audits based
    upon an understanding of the critical IT controls within the core process/
    area under review in accordance with the IIA and ISACA related Standards;
    and use the Governance, Risk and Control system and the designed templates
    for assessing and evaluating the IT risk universe.
  • Analyze evidence gathered and accurately communicate findings and
    recommendations to appropriate management and directors both orally during
    the exit conference and written reports.
  • Participate in audits as per the annual plan including pre post IT
    projects implementation.
  • Follow-up on remediation of identified deficiencies.
Advisory and
Consulting Services:
  • Collaborate with IT project teams and participate in live IT
    initiatives as a subject matter expert in matters relating to controls and
  • Provide consultative advice to stakeholders by identifying key IT
    control gaps and risks related to key processes.
  • Assist in the evaluation of potential occurrence of fraud in IT systems
    and how management mitigates the risk.
Continuous Auditing
& Capacity building:
  • Develop tools for different applications that will be used to
    enhance continuous review of key risks.
  • Provide training and guidance to the Internal audit & Risk
    Management Department on evaluation of general and application controls of
    systems, use of computer assisted audit techniques (CAATs) to facilitate
    the testing of controls and application of data analytics and business
    intelligence to detect possibility of frauds and non-compliance to
    existing standards and expected controls.
  • Review and help improve the IT risk management framework in the
    organization including identification of current and emerging risks.
  • Special Investigations and assignments:
  • Perform special investigations and projects as assigned including
    assisting in regulatory audits related to information security and fraud
  • Design specialized audit tools and conduct relevant training.
  • Participate on any other tasks that may be assigned from time to

Qualifications, Skills and Experience: 
  • The applicant must hold a Bachelor’s degree in Business Computing,
    Computer Science, Information Technology, Management Information Systems,
    Information Security or a related discipline.
  • A minimum of five years of experience in Information Technology (IT)
    or Information Systems Audit and Advisory.
  • Technical professional certification required (CISA, CISSP, CISM or
    CRISC). CPA, ACCA or CIA (Certified Internal Auditor) a plus.
  • Knowledge of COBIT and best IT industry practices.
  • Extensive engagement experience with management at middle and senior
  • The ability to design and execute data analytics tests to support
    business process audits.
  • Exposure to various computer assisted audit techniques (CAATs)
  • Must have good working knowledge of computerized accounting systems
    preferably, Sun system accounting, Sun flow Procurement, Sage HRIS
    platforms, Microsoft Project, Online Banking, document management systems,
  • Good track record in IT audits, other internal audits, computerized
    risk management models and continuous process improvement projects.
  • Notable level familiarity with various IT platforms, operating
    systems and information security.
  • Experience in terms of assisting with the development and/or
    improvement of IT audit methodologies.
  • Ability to plan, perform, document and report on audits.
  • Experience in dealing with people from diverse cultures and
  • Knowledge of French or Portuguese would be an added advantage.
  • Good communication, quantitative and presentation skills.
  • Will be expected to operate with considerable independence within
    the scope of their assignments
  • Should have a wide degree of creativity and latitude, in addition to
    well-developed interpersonal and leadership skills.
How to Apply:
All interested
candidates should submit their Application letters detailing their experiences
and skills, curriculum vitae, copies of relevant academic documents and 3
references online to: The Human Resource Office, African Field Epidemiology
Network (AFENET) via
successful candidates shall be contacted for an interview.
Deadline: 29th March 2019
For more of the
latest jobs, please visit or
find us on our facebook page

Leave a Reply

Your email address will not be published. Required fields are marked *