To support the design, implementation, monitoring, and continuous improvement of the Group’s IT Governance, Risk, and Assurance framework. The role ensures adherence to Group IT policies, regulatory requirements, and international standards (COBIT 2019, ISO 270001, ISO 20000 and Central bank based on ICT Guidelines) by conducting control testing, monitoring compliance, managing data for audits, and contributing to maturity improvements.

Key Functional Areas and Duties

Governance Framework Support

• Maintain and periodically update the Group IT Governance and Control Library.
• Map IT controls to governance domains (COBIT, ISO, ITIL4).
• Support governance maturity assessments and prepare improvement reports.
• Assist in policy and standards review, version control, and harmonization.
• Track governance KPIs, KRIs, and KCIs across business units.

IT Assurance and Audit Coordination

• Participate in control effectiveness testing and audit evidence preparation.
• Track and monitor IT audit findings closure and management responses.
• Maintain an assurance register and audit tracker dashboard.
• Support periodic assurance reviews on cybersecurity, change management, and infrastructure.

Risk & Compliance Monitoring

• Conduct IT risk control self-assessments (RCSAs).
• Review control designs and identify gaps in IT operations and projects.
• Ensure compliance with CBK ICT Guidelines, ISO 27001, and internal IT policies.
• Provide input to the IT risk register and control testing logs.

Reporting and Documentation

• Prepare periodic assurance reports for internal review.
• Maintain IT governance dashboards and metrics using data analytics tools.
• Support governance and audit committee presentations.

Continuous Improvement and Awareness

• Participate in governance training and policy awareness sessions.
• Identify process improvement opportunities and automation potentials.
• Maintain repository of lessons learned from audits and reviews.

Key Deliverables

• Updated IT Governance and Control Library.
• Quarterly Governance and Compliance Dashboard.
• IT Assurance Testing Reports and Action Tracker.
• Policy Compliance Review Reports.

Key Strategic Initiatives to Drive

• Governance automation and dashboard integration.
• Standardization of IT control documentation across business units.
• Continuous improvement of assurance testing efficiency.

Qualifications

Academic Qualifications

• Bachelor’s degree in information technology, Computer Science, Information Systems, or related field.
• Experience in similar function or responsibilities for at least 2-3 years