Venture Garden Nigeria (VGN) is a fast growing Software company with a vision to build an enduring organization with an ecosystem of value creators- while delivering high impact technology solutions for emerging markets through a culture of entrepreneurship and innovation. At VGN we wage war against the average, go beyond the ordinary to explore limitless opportunities; breaking the norms and aggressively pursuing success through- Relentless Hard-work, Pursuit of excellence, calculated risk taking and a hunger for knowledge and we have a lot of fun at it!
We are recruiting to fill the position below:
Job Title: Information Systems Auditor
Location: Ikeja, Lagos
- We are currently sourcing for an Information Systems Auditor who will plan, oversee and audit the information security systems used by Venture Garden Group.
- Once completed, the security auditor will provide the audit committee with a detailed report of our information systems, outline whether the system runs efficiently or effectively, and help the company make changes where necessary to improve the integrity of our system.
Principal responsibilities and accountabilities
- Execute a risk-based IS audit strategy in compliance with IS audit standards to ensure that key risk areas are audited.
- Plan specific audits to determine whether information systems are protected, controlled and provide value to the organization.
- Conduct audits in accordance with IS audit standards to achieve planned audit objectives.
- Communicate audit results and make recommendations to key stakeholders through meetings and audit reports to promote change when necessary.
- Conduct audit follow-ups to determine whether appropriate actions have been taken by management in a timely manner.
- Evaluate the IT strategy, including IT direction, and the processes for the strategy’s development, approval, implementation, and maintenance for alignment with the organization’s strategies and objectives.
- Evaluate the effectiveness of the IT governance structure to determine whether IT decisions, directions and performance support the organization’s strategies and objectives.
- Evaluate IT organizational structure and human resources (personnel) management to determine whether they support the organization’s strategies and objectives.
- Evaluate the organization’s IT policies, standards and procedures, and the processes for their development, approval, release/publishing, implementation and maintenance to determine whether they support the IT strategy and comply with regulatory and legal requirements.
- Evaluate risk management practices to determine whether the organization’s IT-related risk is identified, assessed, monitored, reported and managed.
- Evaluate monitoring and reporting of IT key performance indicators (KPIs) to determine whether management receives sufficient and timely information.
- Evaluate the organization’s business continuity plan (BCP), including alignment of the IT disaster recovery plan (DRP) with the BCP, to determine the organization’s ability to continue essential business operations during the period of an IT disruption.
- Evaluate the information security and privacy policies, standards and procedures for completeness, alignment with generally accepted practices and compliance with applicable external requirements.
- Evaluate the design, implementation, maintenance, monitoring, and reporting of physical and environmental controls to determine whether information assets are adequately safeguarded.
- Evaluate the design, implementation, maintenance, monitoring and reporting of system and logical security controls to verify the confidentiality, integrity, and availability of information.
- Evaluate the processes and procedures used to store, retrieve, transport and dispose of assets to determine whether information assets are adequately safeguarded.
- Evaluate the information security program to determine its effectiveness and alignment with the organization’s strategies and objectives.