Information Technology and Systems Audits (Stream 3)

This work-stream will require the services of professionals to assess the adequacy of a range of activities that may include the following:

• Information technology security;
• Business continuity planning/preparedness;
• Information management policy compliance;
• Systems under development;
• Service management;
• Information technology strategic plans;
• Governance processes related to information technology;
• Configuration management and change control;
• Electronic data interchange and electronic funds transfer;
• Data Migration and data integrity;
• Internal control on financial systems; and
• System life cycle technical and organizational development.

Also required under this work-stream are professional services to provide business and technical information support services to audit organizations and may include anyone of the following:

• Data extraction and basic and advanced data analyses;
• Technical configuration of audit software;
• Business customization of audit software;
• Training and other services for the implementation of audit software;
• Post implementation reviews and evaluations of audit software; and
• Management of information technology consulting services, including technology strategy development, to audit organizations.

Minimum Mandatory Qualifications and Experience for the Resource Categories:

The following are the minimum mandatory requirements that must be met by the Contractor's personnel identified under each applicable resource category for work to be performed under this work-stream. User departments cannot reduce these minimum requirements but, if necessary, user departments may increase these requirements at the Request for Proposal (RFP) stage:

Partner/Managing Director

Education/Professional Qualifications:

• Professional Designation in any one of the following: CA, or CMA, or CGA, or CIA; OR
• a degree/diploma from a recognized university or college, which is relevant to the work-stream; AND
• CISA, or CISM, or CISSP.

Experience:

• Must have a minimum of eight (8) cumulative years experience in the audit of information technology and systems within the last ten (10) years.

Project Manager/Leader

Education/Professional Qualifications:

• Professional designation in any one of the following: CA, or CMA, or CGA, or CIA; OR
• a degree/diploma from a recognized university or college, which is relevant to the work-stream; AND
• Certified Information Systems Manager (CISA), or Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP).

Experience:

• Must have a minimum of six (6) cumulative years experience in the audit of information technology and systems within the last ten (10) years.

Senior Auditor

Education/Professional Qualifications:

• Professional Designation in any one of the following: CA, or CMA, or CGA, or CIA; OR
• a degree from a recognized university or college relevant to the Work-stream; AND
• CISA, or CISM, or CISSP.

Experience:

• Must have a minimum of three (3) cumulative years experience in the audit of information technology and systems within the last ten (10) years.

Auditor

Education/Professional Qualifications:

• Degree/Diploma from a recognized university or college relevant to the work-stream.

Experience:

• Must have a minimum of two (2) cumulative years experience in the audit of information technology and systems within the last ten (10) years.

Junior Auditor

Education/Professional Qualifications:

• Must be in the process of obtaining a degree/diploma from a recognized university or college, which is relevant to the work-stream, or in the process of completing an apprentice program relevant to the work-stream.