Re-advertised-Information Systems Auditor job at Uganda Electricity Transmission Company Limited
About the Organization
Job Description
Uganda Electricity Transmission Company Limited (UETCL) is a public Limited Company, wholly owned by the Government of Uganda, and holds the following operational licenses: System Operator, Operation of the High Voltage Transmission Grid, Bulk Power Supply, Import and Export of Power and Public Infrastructure Provider (for ownership and operation of the Optic Fibre).
Our Vision is: "Electricity Transmission for Sustainable Regional Development."
Duties and Responsibilities
Audit Planning and Execution
Develop audit plans and schedules based on risk assessments and organizational priorities.
Conduct thorough audits of IT systems, networks, and applications to ensure compliance with internal policies and regulatory requirements.
Evaluate the effectiveness of IT controls, processes, and security measures.
Risk Assessment and Management
Identify and assess IT-related risks that could impact the organization’s operations and data security.
Develop and recommend strategies to mitigate identified risks.
Monitor and report on the status of risk management efforts.
Compliance and Regulatory Oversight
Ensure that the organization complies with relevant laws, regulations, and industry standards (e.g., GDPR, HIPAA, SOX).
Evaluate the organization's adherence to internal policies and procedures.
Prepare and present compliance reports to management and regulatory bodies.
Control Evaluation and Improvement
Assess the design and effectiveness of IT controls, including access controls, change management, and data protection measures.
Recommend improvements to enhance control effectiveness and efficiency.
Collaborate with IT and business units to implement and monitor corrective actions.
Reporting and Documentation
Document audit findings, including identified issues, risks, and recommendations.
Prepare detailed audit reports and present them to senior management and stakeholders.
Maintain comprehensive records of audit activities, findings, and resolutions.
Continuous Monitoring and Follow-Up
Continuously monitor the organization’s IT environment for emerging risks and changes.
Follow up on previous audit findings to ensure that corrective actions have been implemented.
Update audit plans and procedures based on changing risk profiles and business needs.
Advisory and Consulting
Provide expert advice on IT governance, risk management, and control practices.
Assist in the development and implementation of IT policies and procedures.
Conduct training and awareness programs for staff on IT controls and security best practices.
Qualification, Experiences and Competencies
Educational Background
Bachelor’s degree in Information Technology, Computer Science, Accounting, or a related field.
Advanced degrees (e.g., Master’s in Information Systems, MBA) are advantageous.
Certifications
Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Internal Auditor (CIA), or Certified Information Security Manager (CISM) are highly preferred.
Experience
Several years of experience in IT auditing, information security, or related fields.
Proven track record of conducting comprehensive IT audits and managing audit projects.
Experience with regulatory compliance and industry standards.
Technical Skills
Strong understanding of IT systems, networks, and applications.
Proficiency in using audit tools and software (e.g., ACL, IDEA, CAATs).
Knowledge of information security principles, risk management, and IT governance frameworks (e.g., COBIT, ITIL, NIST).
Analytical and Problem-Solving Skills
Excellent analytical skills to identify and assess complex IT risks and controls.
Strong problem-solving abilities to develop effective recommendations and solutions.
Attention to detail and a methodical approach to auditing and documentation.
Communication and Interpersonal Skills
Excellent written and verbal communication skills to prepare reports and present findings.
Strong interpersonal skills to work effectively with IT and business teams.
Ability to explain technical issues to non-technical stakeholders clearly.
Project Management Skills
Strong organizational and project management skills to manage multiple audits and deadlines.
Ability to work independently and as part of a team.
Experience in planning and executing audit projects from start to finish.
Ethics and Integrity
High ethical standards and integrity in handling sensitive information.
Commitment to maintaining confidentiality and impartiality in auditing activities.
Career Path and Progression
Entry-Level Roles: Starting positions might include IT Auditor, Junior Information Systems Auditor, or IT Compliance Analyst.
Mid-Level Roles: Progress to roles such as Senior Information Systems Auditor, IT Audit Manager, or Information Security Auditor.
Senior Roles: Advance to positions such as IT Audit Director, Chief Information Security Officer (CISO), or Chief Audit Executive.
Executive Roles: Potential to move into executive positions such as Vice President of Audit or Chief Risk Officer (CRO).
How to Apply
All qualified candidates should apply by following the link below.
For details on this job please visit https://uetcl.go.ug/careers UETCL is an equal opportunity employer. Only electronically sent applications will be accepted.
TERMS OF EMPLOYMENT AND REMUNERATION
The holder of this position will be offered a contract subject to the Ministry of Public Service Guidelines on the rationalization Exercise of Government Institutions.