Information Systems Auditor at the Economic Community of West African States (ECOWAS)

The Economic Community of West African States (ECOWAS) is a regional group of fifteen West African countries. Founded on 28 May 1975, with the signing of the Treaty of Lagos, its mission is to promote economic integration across the region.

Mandate of OAG

• The Office of the Auditor General of ECOWAS Institutions (OAG) is an independent assurance office established to assist the ECOWAS Governance Bodies, in particular, the Council of Ministers and Audit Committee to carry out oversight functions, promote good corporate governance, accountability, and value for money in all Community Institutions, Specialized Agencies and Offices.
• The OAG is mandated to conduct Community-wide financial audits, compliance audits, performance audits, Investigations, and other Special Audits.

Role Overview

• Under the supervision of the Principal Auditor, Information Systems Audit, the incumbent will provide independent assurance and advisory services on the governance, security, and effectiveness of Information and Communication Technology (ICT) systems across ECOWAS institutions and Agencies.
• The IS Auditor evaluates the design and operation of ICT controls, assesses compliance with regional and international standards, and contributes to the improvement of IT risk management, digital transformation oversight, and institutional accountability.

Roles and Responsibilities

• Execute comprehensive audits across ECOWAS institutions, agencies, and programs in line with international standards (ISACA, INTOSAI, AFROSAI-E).
• Review IT General Controls (ITGCs), application controls, cybersecurity measures, infrastructure reliability, and system change management processes.
• Evaluate compliance with ECOWAS ICT policies, information security standards (e.g., ISO 27001, COBIT, ITIL), regional data protection regulations, and broader risk governance frameworks.
• Verify the accuracy, security, and reliability of enterprise systems such as ERP (e.g., SAP, Oracle), financial systems, and HRIS platforms.
• Assess risks related to data governance, cloud adoption, disaster recovery, artificial intelligence, digital transformation, and cybersecurity threats.
• Participate in audits of system acquisition and deployment to ensure appropriate vendor selection, planning, integration, and control mechanisms.
• Support preparation of audit planning memoranda and ensure thorough audit documentation including working papers and finding memoranda.
• Develop and present high-quality written and oral reports with concise findings, risk ratings, conclusions, and actionable recommendations for the Auditor General and senior management.
• Conduct follow-up reviews to assess implementation status of prior audit recommendations and monitor management’s corrective actions.
• Support outsourced audits to ensure timely completion and quality reporting and contribute to external audit coordination.
• Maintain and enhance computerized audit software, tools, and automated techniques.
• Train other audit staff in their use and develop methods for reviewing computerized systems.
• Deliver training and coaching for audit staff and stakeholders across ECOWAS institutions on IT audit techniques, computerized audits, and succession planning.
• Coordinate with external auditors, legal authorities, administrative departments, and law enforcement as appropriate.
• May serve as expert witness in legal proceedings.
• Serve as a Super User for Governance, Risk Management, and Compliance (GRC) systems, providing risk insights and recommendations on IT and enterprise risk matters.
• Conduct or support operational, compliance, financial, and investigative audits aligned with institutional priorities.
• Contribute to the continuous review and enhancement of audit methodologies, frameworks, and tools to support a highly effective audit directorate.
• Stay current with evolving technology trends, digital innovations, and emerging audit tools relevant to modern IS audit functions.

Promote IT Governance Best Practices:

• Advise ECOWAS institutions on implementing IT governance frameworks (e.g., COBIT) to align IT investments and resources with organizational goals and ensure accountability in decision-making.

Evaluate Business Continuity and Disaster Recovery (BC/DR):

• Review the design, documentation, and testing of BC/DR plans to ensure data availability, minimal service disruption, and institutional resilience during system outages or cyber incidents.

Audit Third-Party and Cloud Service Providers:

• Assess the security, performance, and compliance of outsourced IT services, including cloud providers, to ensure proper SLA adherence, data sovereignty, and risk exposure control.

Support Digital and E-Government Audits:

• Provide assurance on the governance, security, and reliability of e-government platforms and digital public services offered by ECOWAS entities, including portals, mobile apps, and citizen databases.

Advise on Ethical Use of IT and Data:

• Monitor the ethical implications of technology use within ECOWAS—such as data misuse, algorithmic bias, and surveillance—and provide guidance to ensure adherence to institutional values and legal frameworks.
• Perform other duties as assigned in support of the Office of the Auditor General’s mandate and ECOWAS-wide audit coverage.

Join any of these WhatsApp Groups to receive Job alerts on WhatsApp
Hub 1
Hub 2
Hub 3

Requirements

Academic Qualificaton & Experience
Education:

• Bachelor’s Degree in computer science or related discipline from a university of recognized standing.

Professional Certifications:

• CISA (Certified Information Systems Auditor) is desired.
• Having CRISC, CGEIT, CISSP, and ISO 27001 Lead Auditor would be an added advantage.

Experience:

• Minimum Experience Requirement:
• At least five (5) years of progressively responsible experience in planning, design, implementation, audit, and evaluation of IT systems, cybersecurity frameworks, digital platforms, and enterprise-level applications.
• Audit-Specific Competence:
• Proven experience in conducting IT audits in accordance with ISACA/INTOSAI/AFROSAI-E standards.
• Demonstrated ability to review and evaluate IT General Controls (ITGCs), application controls, and cybersecurity safeguards.
• Experience using the TeamMate+ audit management software.

Regulatory and Compliance Knowledge:

• In-depth knowledge of data protection regulations (e.g., GDPR or ECOWAS Data Protection Act), and information security frameworks (e.g., ISO/IEC 27001, NIST, COBIT 5/2019).
• Familiarity with ECOWAS ICT policy framework, regional cyber laws, and procurement policies.

Risk Management & Governance Acumen:

• Experience evaluating enterprise risk management (ERM) structures and risk registers.
• Demonstrated knowledge of IT governance structures, strategic alignment, and GRC tools (Governance, Risk, and Compliance).

Digital and Emerging Technology Literacy:

• Awareness of emerging risks related to AI, cloud services, digital transformation, remote work infrastructure, and e-government services.
• Experience auditing cloud-based systems (AWS, Azure) and third-party/vendor IT environments.

Project and System Lifecycle Oversight:

• Competence in reviewing system acquisition, digital project delivery, and post-implementation reviews.

Disaster Recovery and Continuity Assurance:

• Ability to assess and audit Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP), including testing, documentation, and resilience

Analytical and Communication Skills:

• Strong written and verbal communication skills to draft concise audit reports, communicate technical risks, and present findings to senior executives and governing bodies.
• Proven ability to influence auditee cooperation and foster improvements without compromising independence.

Cross-Functional Collaboration Experience:

• Demonstrated history of working across finance, legal, procurement, IT, and HR teams during audits.

Key Competencies:
Leadership:
Strategic Thinking and Foresight:

• Ability to anticipate long-term IT and audit trends, assess emerging risks (e.g., AI, cybersecurity), and align audit priorities with organizational strategy.

Decision-Making Under Uncertainty:

• Ability to make sound, defensible decisions in complex or ambiguous situations, particularly when evaluating residual risks or incomplete data.

Emotional Intelligence and Integrity:

• Ability to maintain composure, self-awareness, and professionalism under pressure, while demonstrating empathy and fairness at work.

Change and Agility:

• Ability to champion innovation, manage resistance to change, and promote adaptive thinking within audit environments.

Conflict Management and Negotiation:

• Skilled in resolving conflicts objectively and diplomatically, especially when audit findings are contested or sensitive.

Cross-Functional Collaboration:

• Ability to collaborate with multidisciplinary teams (Legal, HR, Finance, Procurement) and foster mutual understanding of risks and control implications.

Cultural and Political Sensitivity:

• Demonstrates cultural awareness and tact in engaging with diverse institutions and stakeholders across ECOWAS member states.

Communication and Presentation Skills:

• Ability to distil technical audit issues into clear, actionable messages.

Results Orientation and Accountability:

• Committed to delivering high-impact audit results on schedule and demonstrating accountability in both individual and team performance.

Client Service Orientation:

• Interpersonal skills with ability to keep a client informed of progress or setbacks in projects of relevance to timeline, quality, and quantity.
• Ability to proactively interact with clients and build strong trusting relationships based on mutual respect and regular discussions.
• Ability to establish and sustain professional credibility with clients/stakeholders in a manner that anticipates their need, mitigates issues and that carefully balances professional obligations with the need to be sensitive and responsive to their needs.
• Ability to counsel, advise, consult, and guide others on matters pertaining to assigned client service responsibilities and established client service standards.

Multicultural Sensitivity & Advocacy:

• Demonstrate respect for cultural differences, fairness, and ability to relate well with people from varied backgrounds, nationality, gender, ethnicity, race, and religion.
• Understanding of diverse cultural views especially within West Africa, with sensitivity to group differences; ability to challenge bias and to practice tolerance and empathy.
• Ability to listen actively, consider people’s concerns and apply sound judgement, tact, and diplomacy.
• Ability to work in a diverse and inclusive interactive environment that benefits from diverse strengths.
• Ability and responsibility for incorporating gender perspectives and ensuring the equal participation of women and men in all areas of work.
• Ability to encourage, empower, and advocate for people in an unbias and transparent manner.

Analytical & Critical Thinking:

• Ability to study data/information from a variety of sources, identify anomalies, trends and issues, present findings, and make recommendations.
• Ability to break down problems or processes into key parts to identify and solve gaps in service, quality assurance, compliance, and performance targets.
• Knowledge of and ability to apply techniques to generate creative ideas and new approaches to meeting goals.
• Ability to use evidence and research to inform policies and programs and identify relevant and appropriate sources of information, including stakeholders, regional institutions and/or internal committees.

Communication:

• Demonstrate operational computer proficiency using appropriate tools.
• Ability to make sound use of graphics and tables to effectively present numerical data to write semi-complex technical reports/proposals and edit/check templates, letters, etc.
• Ability to convey information clearly and concisely in a succinct and organized manner through both writing and verbal means.
• Exhibit interpersonal skills, make presentations, express opinions, and debate ideas with others in a constructive manner.
• Proficiency in Information Communication Technologies (ICT).
• Fluency in oral and written expressions in one of the ECOWAS official languages of the Community (English, French & Portuguese). Knowledge of an additional one will be an added advantage.

Planning and Implementation:

• Ability to develop and implement an individual action plan for achieving specific work goals.
• Identify, organize, and monitor tasks throughout to facilitate execution.
• Ability to contribute effectively to audit project execution in line with established standards and techniques, while coordinating input from others to ensure deadlines are consistently met.
• Ability to organize work, set priorities, and work within timelines, giving attention to details, stakeholders, indicators, and risks.
• Ability to identify, collect and assess indicators to monitor performance and to take proactive remedial action as required.

Knowledge of ECOWAS:

• Knowledge of ECOWAS institutions, sectors, programmes, and policies.
• Knowledge of ECOWAS internal operational requirements of programs, projects, services, and systems required to achieve work assignments and meet performance goals.
• Knowledge of rules and procedures of ECOWAS associated assigned responsibilities and ability to explain these clearly to others.
• Knowledge of the ECOWAS culture, structures and performance issues and priorities impacting assigned responsibilities.
• Knowledge of member states development trends, indicators, challenges, and opportunities as it relates to project/programme assigned to own position.

Annual Salary
UA50,336.36 – UA57,817.17 (USD79,420.72 – USD91,223.93).

Application Closing Date
1st September, 2025.

How to Apply

Interested and qualified candidates should send their filled job application form with three (3) professional references, resume (CV) and a cover letter to: oagisauditor@ecowas.int using the job title as the subject of the email.

Click here to download the application form (Docx.)

Note

• Shortlisted candidates may be required to undergo a written test and subsequently an interview session.
• Successful candidates shall be subjected to further screening / background checks.
• Employment offers are contingent upon satisfactory background check.

Click here to download the Editable CV Template