Michael Mwangi, CPA, CISA®,CCNA

Experience

• 

  Family Bank Limited

  Apr 2016 - Mar 2018

  Information System Auditor

  Evaluate risk, document processes and systems in flowchart and narrative form, and design audit programs.Review written work to ensure high-quality deliverables and minimal review iterations.Apply audit lessons to reduce recurring review comments.Draft written reports and audit findings deliverables and present them to management.Suggest enhancements in controls, policies, and procedures.Follow-up on client execution of management actions.Monitor computer networks for security issues.Investigate security breaches and other cyber security incidents.Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.Document security breaches and assess the damage they cause.Work with the security team to perform tests and uncover network vulnerabilities. Show less

• 

  CHRIST IS THE ANSWER MINISTRIES

  Apr 2018 - May 2022

  Information System Auditor

  Performs general and application control reviews for simple to complex computer information systems.Performs Infrastructure and Application Reviews and Pre and Post Implementation Reviews.Performs information control reviews to include system development standards, operating procedures, system security, programming controls, communication controls, backup and disaster recovery, and system maintenance.Conduct operational, compliance, financial and investigative audits, asassigned.Participate in the annual enterprise risk assessment and the recommendationof the annual audit plan for IT Audits.Plan and perform audits of Information Technology Operating Procedures andERP implementation assurance.Teammate systems/ACL analytics administration Show less

• 

  CHAI SACCO

  May 2022 - Nov 2022

  Systema Audit Manager

  • Analyze and documents all information systems and related controls and developing an appropriate audit program to test the controls identified.• Prepare draft audit reports in good form, with recommendations, appraisals, or analyses that will assist the area manager with the proper discharge of his or her responsibilities.• Evaluating the adequacy of the security and processing controls as they relate to each audit, and the effectiveness of general computer controls in effect in the IT environment.• Monitor the project status of new systems development, disaster recovery testing, and the Sacco’s business continuity plan, and other activities related to IT processing.• Review the reliability and integrity of the financial and operating information and the means used to identify, measure, classify, and report such information.• Review the means of safeguarding information assets and monitoring of ongoing performance metrics established by the IT and Security Departments.• Appraise the economy and efficiency of how resources are employed.• Reviews operations and programs to determine if results are consistent with department goals and objectives.• Prepare audit work papers according to established department guidelines and industry standards.• Provide assistance and guidance to the Sacco’s outside auditors to insure a timely and efficient completion of the audit.• Provide assistance to the Head of Internal Audit and Compliance on special projects and assignments.• Present audit findings or other relevant information to Senior Management and/or the Audit Committee on the effectiveness and adequacy of risk management, governance, and internal control procedures. Show less

• 

  Stima Sacco Society Ltd

  Feb 2023 - Sept 2023

  Information System Auditor

  • Perform individual Internal Audit projects, as part of implementing the overall approved Internal Audit Plan.• Continuous Audit Team lead• Developing the scope and performing Information Systems audits, both technical and end-user across Sacco’s Operations in line with Internal Audit Methodology, processes, procedures, and timeframes.• Preparing Internal Audit reports with recommendations for improvement as appropriate.• Provide support to the Head of Internal Audit in coordinating the affairs of the audit committee including providing information required for preparation of quarterly committee reports• Ensuring that access to electronically stored corporate information is adequately protected and managed appropriate to the risks.• Testing the adequacy and effectiveness of systems control measures.• Making maximum use of Computer Assisted Audit Tools e.g., IDEA by automation of audit tests for use by the entire Audit department.• Continuous monitoring of sensitive functional and operating units, focusing on financial, IT and operational aspects.• Performance of special Audits and Investigations as and when called upon.• Championing internal control, risk management and corporate. Show less