Information Technology Auditor

Information Technology Auditor in Gauteng

Division: Governance
Reference No: 5916
Location: Centurion, Gauteng, ZA
Employment Type: Permanent
Disability (EE targeted role): No
T.A.S.K Grade: 15
Job Posting Salary: R891,176.00
Job Posting End Date: 21 Oct 2025

Reporting to the Senior Manager: Risk Advisory and Business Continuity, the successful incumbent is responsible to plan, design, implement, monitor and communicate risk management processes and programmes within the RAF.

• Contribute to the development and implementation of departmental policy, procedures and processes.
• Keep up to date with effective policy and practice execution strategies.
• Provide inputs into policies and regulations.
• Research and keep up-to-date with corporate governance best practices and policies to implement within the RAF's risk management environment.
• Gathers and compiles data related to risk from internal and external resources.
• Identifies risks by analysing data, observing processes and talking to people.
• Drafts and delivers reports outlining findings, identifying and explaining potential risks and recommending solutions.
• Select, develop and implement appropriate risk assessment models or methodologies.
• Participate in the development, implementation and maintainance of risk management processes and strategies.
• Participate in the development of risk mitigation strategies that are appropriate, implementable and that associated targets are achievable for business units.
• Promote effective enterprise risk culture across RAF including development of newsletters, creating awareness and facilitating appropriate training.
• Make use of business intelligence tools to conduct various types of risk assessments, scenario analysis, risk modelling and reviews at all levels of the organisation.
• Facilitate the identification of risks, assessment, evaluation, communication, monitoring and reporting on risks.
• Ensure that risk registers and Control / Control /Action Plans registers are kept up to date.
• Review the adequacy and effectiveness of controls including validation of progress as reported by management.
• Facilitate identification and monitoring of key risk indicators and risk tolerance levels.
• Collaborate with other assurance providers to ensure identification and reporting of risks and assessment of the adequacy and effectiveness of management internal controls.
• Coordinate monthly engagements with the business on risk registers, incident reporting and monitoring of key risk indicators.
• Coordinate Risk Champion meetings in the relevant processing centre.
• Maintain input and data quality of the Risk Management System / tool.
• Provide advice to management on emerging risks and mitigation options and on the adequacy and effectiveness of existing and future controls.
• Represent Risk Management in management committee meetings, SCM and other assurance provider's forums.
• Perform annual process self assessment to improve the risk maturity for the relevant processing centre.

• Develop functional reporting systems, for management, projects or performance reporting.
• Prepare proposals, briefings, presentations, reports, and other documentation and provide management information both verbally and in report format.
• Report on emerging and materialised risks leading to the review of risk registers to identify control gaps.
• Preparation of monthly, quarterly, annual and ad-hoc reports.
• Ensure proper management and maintainance of official records.

• Facilitate and manage communication with relevant internal and external stakeholders.
• Manage relationships with vendors, service providers or procurement teams and ensure that all relevant procured items are invoiced and paid on time.
• Facilitate adequate communication concerning key risks.
• Communicate with all levels of stakeholder contact.
• Represent the Fund in relevant internal and external activities and events.

• Bachelor's Degree/ Advanced Diploma in Economics / Risk Management related qualification.
• Relevant 5-7 years' experience in an Enterprise Risk Management environment.

• Resilience.
• Communication
• Working with People
• Network and Alliances
• Planning, Organising and Coordinating
• Employee Engagement
• Personal Mastery
• Judgement and Decision Making
• Client Service Orientation
• Understanding of corporate governance standards and practice.
• Understanding of risk management frameworks and applicable laws.
• Strong stakeholder relations management.
• Understanding of King IV report.
• Knowledge of ISO 31000.
• Ability to quantify risks.
• Ability to make use of data analytics tools and risk modelling techniques.
• Ability to analyse complex data and information.

NB: "RAF offers Total Employment Cost packages with no additional contributions from the Employer, successful candidates are required to structure their packages in a manner that will suit their needs".
The Road Accident Fund subscribes to the principles of employment equity and preference will be given to People with Disabilities.
Applicants who have not received any correspondence from us within six weeks from the closing date can consider themselves unsuccessful.
Security Vetting shall be conducted on all prospective employees.
It is the applicant’s responsibility to have foreign qualification evaluated by the South African Qualification Authority (SAQA) and to provide proof of such evaluation.