It Auditor

Discovery's core purpose is to make people healthier and to enhance and protect their lives. We seek out and invest in exceptional individuals who understand and support our core purpose, and whose own values align with those of Discovery. Our fast-paced and dynamic environment enables smart, self-driven people to be their best. As global thought leaders, Discovery is passionate about innovating in order to not only achieve financial success, but to ignite positive and meaningful change within our society.

Areas of responsibility may include but are not limited to:

• Assist in attending to management queries.
• Build / maintain relationships with the Discovery companies and other Assurance Providers:

Discovery Invest, Life, Employee Benefits, Insure, Corporate, Health, Vitality RSA, Vitality Group, Vitality Health, Vitality Life, External Audit.

• Facilitate the maintenance of risk profiles (inherent & residual view of IT risks).
• Challenge risk management information received from the business and provide meaningful input to management on where IT risk management processes and controls can be improved.

Knowledgeable in:

• IT General Controls
• Application Controls
• Technical Infrastructure
• Project and Programme Management
• Cyber and Information Security

CAATs): advantageous

• Ensure audits are performed in line with Audit Methodology.
• Provide feedback to Audit Management on the planning, execution, and reporting of the audits.
• Obtain input from Audit Management relating to risks associated with the audit topic.
• Ensure that all risks are addressed for the specific audit engagements.
• Follow up with Group Risk, Compliance, and Forensics on pertinent issues affecting audits.
• Define the purpose, scope, and audit approach of each audit for assigned areas of coverage.
• Assist Audit Management in determining the scope of Internal Audit assignments.
• Prepare engagement letters for review by Audit Management.
• Prepare / review the Audit Planning Memorandum (APM).
• Prepare / review approved system descriptions, walkthroughs, and process flow diagrams, addressing / raising review notes where applicable.
• Prepare / review risks and controls matrix (RACM) and address / raise review notes where applicable.
• Prepare / review test procedures and address / raise review notes where applicable.
• Obtain approval from Audit management regarding any changes to RACM, audit tests, perform testing, and document working papers on Audit Software where applicable.
• Review working papers on Audit Software (performed by IT Auditors) and raise review notes where applicable.
• Prepare / review the Audit Finalisation Checklist at the end of an audit.
• Supervise IT Auditors and the process of work on a day-to-day basis.
• Provide regular progress updates (at least weekly) on audit assignments.
• Keep track of the budget and timesheets weekly and submit to Audit Management.
• Escalate in a timely manner if deadlines are not going to be met or if feedback is not received.
• Immediately inform Audit Management of any problems experienced during an audit.
• Monitor the quality of work performed by the audit team and take corrective action where applicable.
• Provide training and supervision to the audit team to ensure objectives are met and coverage is adequate.
• Be ultimately responsible for the quality of audit files.
• Proactively take on additional tasks as requested by Audit Manager.
• Provide meaningful input and monitor the effective and timely implementation of management actions to address control weaknesses.

• Follow up on outstanding audit issues and management actions.
• Prepare and submit follow-up progress reports for risk and/or audit committees.

• Engage in self-development activities: studying, courses, e-Learnings.
• Present training to the IT audit team.
• Complete mini-appraisals and schedule review meetings with the Audit Manager.

• Stay updated with Internal Audit profession and industry developments.
• Continuously improve audit methodology.
• Travel if required.

• B Degree or equivalent qualification, with majors in Computer Science, Computer Auditing, or Information Systems.
• CIA / CISA / CISM / CRISC / CGIT certification (one or more required).
• At least 2 years of audit experience.
• Experience in IT General Control Reviews and Application Control Reviews.

• Internal Controls
• IT General Control Reviews
• Application Control Reviews
• Corporate and IT governance
• IT Infrastructure technical knowledge (databases and operating systems)
• CAATs / Data Analytics
• Cyber and Information Security

Advantages for career progression include studying towards or possessing a relevant Bachelor's or Honours Degree.

• Analytical Thinking: Ability to break down tasks or problems logically to understand implications.
• Communication Skills: Ability to communicate clearly both verbally and in writing.
• Relationship Building: Building relationships with auditees, business, and external auditors.
• Reporting Skills: Ability to consolidate information and prepare reports.

Employment Equity: The company's approved Employment Equity Plan and Targets will be considered during recruitment. We encourage applications from people with various disabilities as an Equal Opportunities employer.