An Information Security Auditor is responsible for conducting internal or third-party audits in accordance with specific Information Security Management System standards.
The information Security Auditor can:
- Conduct audits/assessments, to ensure adequacy, efficiency and effectiveness of IT system controls and improvements in accordance with various IT Security related standards
- Ensure timely completion of audit and submission of audit reports
- Drive or conduct IT control assessments in line with compliance and certification requirements
- Provide support with stakeholders on effective risk management and drafting, maintenance and documentation of Security Incident Mangement Policies