IT AUDIT SEMI SENIOR

BDO is the world’s fifth largest network of public accounting firms. We provide audit, taxation and advisory services in over 166 countries and territories, with over 115,661 people working out of 1,776 offices worldwide. BDO’s distinctive reputation for building excellent relationships with our clients is built upon our commitment to all our stakeholders, that what matters to them, matters to us. In Zambia, BDO provides a full range of services to both local and international clients of varying sizes, in all sectors of the economy.

At BDO Zambia, we have a rapidly growing Audit practice looking for enthusiastic professionals to join our team.

Position Overview 

The IT Audit Semi-Senior is responsible for supporting and executing technology-focused audits that evaluate the design and operating effectiveness of IT controls, cybersecurity practices, data integrity measures, and IT governance frameworks. The role requires a solid understanding of IT environments, risk assessment methodologies, and audit standards. The Semi-Senior works under minimal supervision, leads parts of audit engagements, and guides junior staff. 

Key Responsibilities 

1. Audit Planning & Risk Assessment
   

• Assist in developing audit objectives, scopes, and work programs for IT audits. 

• Perform preliminary assessments of IT environments, including general IT controls (GITCs), application controls, and cybersecurity risks. 

• Identify key risks related to systems, data, infrastructure, and IT processes. 

• Participate in planning meetings with clients to understand business processes and technology dependencies. 

1. Audit Execution
   

• Conduct fieldwork to test IT controls, including:  

• Access controls (logical & physical) 

• Change management 

• IT operations and job scheduling 

• Backup and recovery procedures 

• Network and infrastructure security 

• Application controls in ERP or core systems 

• Perform walkthroughs and document process flows and control activities. 

• Execute audit tests using data analytics where applicable. 

• Assess compliance with relevant policies, procedures, standards, and frameworks (e.g., ISO 27001, COBIT, NIST, ITIL). 

1. Reporting & Documentation
   

• Prepare working papers that clearly document audit findings, evidence, and conclusions. 

• Draft audit observation reports with root-cause analysis and risk ratings. 

• Participate in presenting findings to management and discussing remediation strategies. 

1. Follow-Up & Continuous Monitoring
   

• Track and verify the remediation of audit issues. 

• Assist in continuous auditing activities, including ongoing assessment of high-risk areas. 

• Contribute to annual risk assessments and audit plans. 

1. Collaboration & Leadership
   

• Work closely with the Senior IT Auditor and Audit Manager to deliver assignments on time. 

• Provide guidance and review work of junior staff auditors. 

1. Required Skills & Competencies
   

Technical Skills 

• Strong understanding of IT General Controls (ITGCs) and IT Application Controls (ITACs). 

• Knowledge of networking, databases, operating systems (Windows, Linux), and cloud platforms. 

• Familiarity with cybersecurity principles, vulnerabilities, and threat landscapes. 

• Experience auditing ERP systems (SAP, Oracle, Microsoft Dynamics, etc.) is an advantage. 

• Ability to work with data analytics tools (ACL/Arbutus, IDEA, Power BI, SQL) preferred. 

Professional Skills 

• Strong analytical and critical-thinking abilities. 

• Excellent written and verbal communication skills. 

• Attention to detail and strong documentation discipline. 

• Ability to work independently and as part of a team. 

Qualifications 

• Bachelor’s degree in information technology, Computer Science, Information Systems, Accounting, or related field. 

• 2–4 years of experience in IT Auditing, IT Risk, Cybersecurity, or related areas. 

• Professional certifications (advantageous but not required):  

• CISA (Certified Information Systems Auditor) 

• CRISC 

• CEH 

• CompTIA Security+ 

• ISO 27001 Lead Implementer/Auditor 

1. 
   Preferred Experience
   

• Experience working in internal audit, external audit (Big 4), financial institutions, or regulated industries. 

• Exposure to audit management tools (Team Mate, Audit Board, or similar). 

• Knowledge of industry-specific IT regulatory requirements (e.g., banking ICT regulations, data privacy laws). 

1. Key Attributes
   

• Integrity and high ethical standards 

• Proactive mindset and eagerness to learn 

• Time management and ability to handle multiple assignments 

• Strong problem-solving skills 
  

We offer:

• Competitive remuneration package
• Opportunities for career progression

All applications should be sent not later than Tuesday 15  April 2026. Visit our website www.bdo.co.zm for more information.

Only shortlisted candidates will be contacted.

BDO’s global network extends across 166 countries and territories, with over 115,661 people working out of 1,776 offices. But they’re all working towards one goal: to provide you with exceptional service. That means local resources who understand your business and industry, backed by a truly global network. No matter where you do business, we have people who know your business. This is just one part of BDO’s commitment to delivering exceptional client service