Manager Internal Audit (Cyber and Technology)
Dar es Salaam
National Bank of Commerce
NBC is the oldest serving bank in Tanzania with over five decades of experience. We offer a range of retail, business, corporate and investment banking, wealth management products and services.
The core responsibility of the Internal Audit Manager is to support the Chief Internal Auditor in the planning, execute and management of audit assignments in accordance with the NBC Audit Plan and relevant policies, procedures and quality standards.
Audit Delivery and Issue Assurance
Develop an in-depth knowledge of the methodology, by attending training sessions and using knowledge gained during audits, use this proactively in executing audit activities.
Deliver audit work assigned by the Chief Internal Auditor to a high quality and in accordance with the requirements of the Quality Assurance scorecard.
Assist the Chief Internal Auditor with planning and execution of Design Effectiveness and Operating Effectives Testing, uniformly applying the methodology and quality standards, focusing the work on key risks, with minimum supervision from the Chief Internal Auditor.
Develop and maintain relationships with key audit contacts on each audit by attending continuous stakeholder meetings. In addition, engage closely with stakeholders during assignments and encourage open discussion and interaction with business on the risks relevant to their environment.
Engage proactively with other Internal Audit colleagues, during assignments and work collaboratively with the relevant technical team to deliver audit work.
Provide guidance to other auditors and peers by sharing business knowledge, and best practice so that audit work meets and sometimes exceeds quality standards.
Support the Chief Internal Auditor in the identification of risks to be tested by participating in audit planning sessions.
Develop an in-depth knowledge of NBC and the various business areas and use this knowledge to assess risks and controls through identifying, assessing, and documenting risks and controls within the relevant business processes.
Evaluate the design and operating effectiveness of controls and document all working papers using the Internal Audit tool for review by the Chief Internal Auditor.
Ensure all audit observations and planned actions are factually agreed with management as soon as they arise to ensure timely delivery and issuing of the audit reports. Provide suggestions to stakeholder management on how they can address the control issues identified.
Document all working papers in line with methodology requirements. The working papers must be accurate, reflective of work performed and support conclusions drawn.
Display professional scepticism, raising and discussing contentious observations with management and provide evidence to support all issues identified.
On an ongoing basis throughout the audit, discuss and agree the factual accuracy of audit observations with the Chief Internal Auditor.
Provide feedback to the Chief Internal Auditor and audit team with progress and observations raised during the audit by communicating honestly, frequently and effectively. Build and maintain good working relationships with fellow auditors.
Participate fully and be supportive in all audits by helping the team where required. Be receptive to learn and seek opportunities to share acquired knowledge with colleagues
Continue to update awareness of risk issues and changes across selected business units from interaction with management and provide feedback to the Chief Internal Auditor.
Assist in the induction of new joiners, mentoring less experienced team members.
Proactively take on additional tasks as requested by the Chief Internal Auditor – which may include managing Issue Assurance and production of team Management Information.
Perform Issue Assurance testing and documenting of the working papers in accordance with the requirements of the Methodology.
Accountability: Knowledge Management
Improve technical knowledge through self-learning or training including mandatory Continuous Professional Education requirements.
Share knowledge with AIA colleagues and peers in the business.
Develop and enhance learning through seeking coaching, training and continual feedback
Coach new joiners and trainees on how to apply the methodology. In addition, to proactively share knowledge of within the team, leading a session at a team meeting.
Build knowledge of business and culture in business units as assigned by the Chief Internal Auditor.
Knowledge of key regulations, including FIC, KYC and AML, Sanctions, for business areas / locations within remit.
Prepare audit observations and make sure that they are concise, factually accurate and cover all of the significant issues. The observations must be insightful, address the root causes, and have agreed actions that fully mitigate the risk.
Assist the Chief Internal Auditor where required, in the drafting of the audit report in line with methodology requirements and as per the requirements of the Balanced Scorecard.
Proficient in report writing for governance reporting.
Accountability: Relationship management
Develop and maintain relationships with accountable management on each audit
Present effectively at stakeholder meetings and forums (e.g.: Risk and Governance forums) to share knowledge and information including methodology, standards, changes and new developments with business stakeholders on an ongoing basis.
Audit roles – experience in risk-based auditing or risk/control activities
Relevant professional qualifications (e.g. CISA)
Practical understanding of relevant regulatory environment
Proven track record of high performance in previous roles
Experience in auditing at senior level for at least 5 years
Education and Experience Required
B Degree (Commercial, Informatics, Statistics); and/or
Honours (Commercial, Informatics, Statistics)
CISA or CISM, CISSP or equivalent certification
CIA (Levels 1,2 or 3) and CPA (T) or ACCA will be an advantage
Knowledge & Skills:
Minimum of 4 years’ experience in Internal/External audit or commensurate experience in a major financial institution
2 years’ experience in Risk Based Auditing or Risk/Control activities
Knowledge of IT General Controls
Knowledge and experience with COBIT, ITIL, ISO 27001/NIST
CISSP will be beneficial
Knowledge and experience in network or infrastructure management
Penetration testing skills will be beneficial
Advanced Data Analytics
Deciding and initiating action
Learning and researching
Entrepreneurial and commercial thinking
Relating and networking
Adapting and responding to change
Persuading and influencing
Creating and innovating
Presenting and communicating information
Financial services industry knowledge
Knowledge about new and emerging financial products and services
NBC’s Values and Behaviours represent the set of standards which governs the actions of all of us who work for the bank and against which the performance of every one of us in NBC are being assessed and rewarded:
I drive high performance to achieve sustainable results
I’m obsessed with customer
I have an African heartbeat
I believe our people are our strengths
Analytical Thinking – Advanced (Meets all of the requirements), Auditing Skills, Audit Methodology (Meets all of the requirements), Bachelor`s Degrees and Advanced Diplomas – Business, Commerce and Management Studies, Data Management (Meets all of the requirements), Digital familiarity (Meets some of the requirements and would need further development), Effective communication – Advanced (Meets all of the requirements), Openness to change (Meets some of the requirements and would need further development), Planning and organising (Meets all of the requirements), Risk and Security Management (Meets all of the requirements)