Information Technology (IT) and Computer Science
  • Information Technology (IT) and Computer Science
  • Nairobi, Kenya


Position: Information Systems Auditor
Reporting to: Head of Internal Audit & Risk


As an Information Systems Auditor at APD/Kenchic Limited, you will play a pivotal role in providing independent assurance on our information systems. You will ensure that our risk management procedures, governance processes, and control mechanisms are robust enough to safeguard our valuable Information Systems.


1. Annual Audit Plan: Participate in developing, executing, and monitoring the annual information systems internal audit plan.

2. Risk Assessment: Conduct continuous risk assessments of our IT environment, including general system controls, infrastructure, network security controls, and business application controls.

3. Control Evaluation: Evaluate the adequacy, effectiveness, and efficiency of controls for all business information systems to support our processes.

4. Compliance Assessments: Conduct compliance assessments against information security standards like ISO 27001, NIST Cybersecurity Framework, ensuring data security, regulatory compliance, risk mitigation, and operational efficiency.

5. Data Analytics: Develop sustainable data analytics models to enhance internal audit efficiency and coverage.

6. Communication: Communicate audit results and recommendations to key stakeholders, collaborating with ICT Services to optimize operational functionality of Information Systems.

7. Stay Updated: Keep abreast of emerging technology and security vulnerabilities, providing timely advice where necessary.

8. Governance Review: Review IT governance documents, strategies, policies, contracts, and procedure documents.

9. Incident Response: Provide advice in resolving information security incidents.

10. Reporting: Assist in preparing Board Audit & Risk Committee reports, ensuring quality in all deliverables.



  • Bachelor’s degree in Computer Science, Information Systems Management, Business Administration, or related field.
  • Professional qualification in information systems audit (e.g., CISA, CGEIT, CISM). CIA is an added advantage.

Working Experience:

  • Minimum 3 years of experience in a similar role.


Technical Competencies:

  • Familiarity with the Institute of Internal Auditors International Professional Practice Framework and Information Systems Audit and Control Standards.
  • Knowledge of current technological developments and emerging trends.
  • Proficiency in report writing and observing business processes.
  • Experience with CAATS and risk management principles.
  • Ability to evaluate system backup procedures, disaster recovery capability, and maintenance procedures.

Behavioral Competencies:

  • Strong analytical, organizational, and problem-solving skills.
  • Personal attributes: integrity, dependability, initiative-taking, results-oriented, creativity, and strong interpersonal skills.
  • Effective verbal and written communication skills.


To apply, email your CV and relevant documents to with the subject “Internal Systems Auditor” by close of business Wednesday, 28th February 2024.





  1. Master Your Technical Skills: Ensure you have a solid grasp of information systems audit principles and practices.
  2. Stay Updated: Keep yourself informed about the latest developments and trends in information technology and cybersecurity.
  3. Demonstrate Analytical Thinking: Showcase your ability to analyze complex systems and identify potential risks and vulnerabilities.
  4. Highlight Communication Skills: Effective communication is key in this role, so emphasize your ability to convey technical information to non-technical stakeholders.
  5. Showcase Problem-Solving Abilities: Provide examples of how you’ve tackled challenging audit issues and proposed effective solutions.
  6. Emphasize Attention to Detail: Attention to detail is critical in auditing; make sure your application materials are error-free and well-presented.
  7. Exhibit Adaptability: Information systems auditing often involves dealing with evolving technologies and changing risk landscapes. Highlight your ability to adapt to new situations.
  8. Illustrate Teamwork: Collaboration with other departments and stakeholders is essential; demonstrate your ability to work effectively in a team environment.
  9. Demonstrate Integrity: Integrity is paramount in auditing roles; provide examples of situations where you’ve demonstrated ethical behavior.
  10. Prepare for Interviews: Anticipate questions related to technical skills, problem-solving abilities, and your approach to auditing. Practice your responses to ensure you’re well-prepared.


[Your Name]
[Your Address]
[City, State, Zip Code]
[Your Email Address]
[Your Phone Number]

Hiring Manager
APD/Kenchic Limited
[Company Address]
[City, State, Zip Code]

Dear Hiring Manager,

I am writing to express my interest in the Information Systems Auditor position at APD/Kenchic Limited, as advertised. With a Bachelor’s degree in Computer Science and over three years of experience in information systems audit, I am confident in my ability to contribute effectively to your team.

During my tenure at [Previous Company/Role], I developed a strong foundation in evaluating information systems controls, conducting risk assessments, and communicating audit findings to stakeholders. I am particularly drawn to this opportunity at APD/Kenchic Limited because of your commitment to excellence and innovation in information security.

I am impressed by APD/Kenchic Limited’s reputation for fostering a collaborative work environment and investing in employee development. I am eager to bring my expertise in information systems auditing to your team and contribute to the continued success of your organization.

Thank you for considering my application. I look forward to the opportunity to discuss how my skills and experiences align with the needs of your team. Please find my resume attached for your review.


[Your Name]


Q1: What are the key responsibilities of an Information Systems Auditor? A1: The key responsibilities include developing audit plans, conducting risk assessments, evaluating controls, ensuring compliance with standards, communicating findings, and collaborating with stakeholders.

Q2: What qualifications are required for this role? A2: A Bachelor’s degree in a relevant field and professional certification in information systems audit (e.g., CISA, CGEIT, CISM) are typically required, along with relevant work experience.

Q3: How can I prepare for the interview? A3: Prepare by familiarizing yourself with information systems audit principles, practicing common interview questions, and highlighting relevant experience and skills.

Q4: What challenges might I face in this role? A4: Challenges may include staying updated on evolving technologies and threats, effectively communicating technical information to non-technical stakeholders, and addressing complex audit issues.

Q5: How does this role contribute to the organization’s goals? A5: The role contributes by ensuring the security and integrity of the organization’s information systems, identifying and mitigating risks, and helping to maintain regulatory compliance.

Q6: What opportunities for growth and development are available in this role? A6: Opportunities may include further professional development, advancement within the organization, and involvement in special projects or initiatives.

Q7: How does the organization support work-life balance for employees? A7: The organization may offer flexible work arrangements, wellness programs, professional development opportunities, and other benefits to support work-life balance.

Q8: What qualities are you looking for in successful candidates? A8: We are looking for candidates with strong technical skills, analytical thinking, effective communication, attention to detail, adaptability, teamwork, integrity, and a commitment to excellence.

Q9: What is the company culture like at APD/Kenchic Limited? A9: Our company culture values collaboration, innovation, integrity, and continuous improvement. We strive to create a supportive and inclusive work environment where employees can thrive.

Q10: Is there room for advancement within the organization? A10: Yes, we prioritize promoting from within and provide opportunities for career growth and advancement based on performance and potential.


  1. Question: Can you explain the importance of information systems auditing in an organization? Answer: Information systems auditing is crucial for identifying and mitigating risks to the organization’s information assets, ensuring compliance with regulations, and maintaining the integrity and availability of data.
  2. Question: How do you stay updated on emerging technology and security threats? Answer: I stay updated through professional development opportunities, industry publications, networking with peers, and attending conferences and seminars.
  3. Question: Describe a time when you encountered resistance to your audit findings. How did you handle it? Answer: In a previous role, I encountered resistance from a department head regarding control deficiencies. I addressed it by clearly explaining the risks and potential impact, providing alternative solutions, and collaborating to find a resolution that satisfied all parties.
  4. Question: How do you prioritize audit tasks when faced with multiple deadlines? Answer: I prioritize tasks based on risk assessment, deadlines, and impact on business objectives. I communicate with stakeholders to manage expectations and ensure that critical issues are addressed promptly.
  5. Question: Can you provide an example of a successful audit project you led? Answer: In a recent audit project, I identified vulnerabilities in our network infrastructure and recommended security enhancements that significantly reduced the risk of data breaches. This resulted in improved security posture and enhanced stakeholder confidence.
  6. Question: How do you ensure effective communication of audit findings to non-technical stakeholders? Answer: I use clear and concise language, provide relevant context, and focus on explaining the implications of findings in terms of business risk and impact. I also offer practical recommendations for improvement.
  7. Question: How do you handle confidential information during audits? Answer: I adhere to strict confidentiality protocols, ensuring that sensitive information is handled securely and shared only with authorized individuals on a need-to-know basis.
  8. Question: How do you approach building relationships with stakeholders during audits? Answer: I approach stakeholders with respect, empathy, and professionalism, seeking to understand their perspectives and concerns. I communicate transparently, establish trust, and collaborate to achieve mutual goals.
  9. Question: How do you adapt your audit approach to different types of systems and technologies? Answer: I tailor my audit approach based on the specific characteristics and risks of each system or technology, conducting thorough research, and leveraging industry best practices and standards.
  10. Question: How do you handle unexpected challenges or setbacks during audits? Answer: I remain calm and focused, assess the situation objectively, and brainstorm alternative solutions. I communicate effectively with team members and stakeholders, seeking input and support as needed to overcome challenges and achieve audit objectives.


We wish you the best in your application process and remind you that our website is committed to attracting and retaining the best employees from all races and backgrounds in our continued effort to become a better development partner. We are an equal employer and do not charge any application/recruitment fees, whether refundable or not.


To apply for this job email your details to

Discover more from THE KENYAN JOB FINDER

Subscribe to get the latest posts to your email.