Systems Auditor requirements are out!
The MDIA has announced the requirements of the Systems Auditor. The ITAS Acts were set up earlier this year and will come into force on 1st November 2018. The three principles of these acts are for user protection, market stability, and market integrity. Within the ITAS Act guidelines, two roles are identified; Systems Auditor and Technical Administrator.
The Systems Auditor will be on the forefront of an audit of technical arrangements and services. There are several requirements as shown in the photo below, taken from a presentation by Mr. Stephen McCarthy from MDIA. He presented this material at the OXBC Day and GBA Summit on 31st October 2018.
As can be seen above, a Systems Auditor needs to have a qualification in ICT or Information Security at least at MQF level 6. It is required that the Systems Auditor has appropriate certification in IT Audit, IT Risk or IT Security Management. The MDIA does not only look for academic achievements when awarding this role, but it also looks at the amount of experience a candidate has and expects a considerate amount of experience in carrying out audits and reports. Another requirement that is necessary is that the candidate must have performed work in ITAS in the last three years for a duration of two years or over.
Mr. Stephen McCarthy understands that the requirements of a Systems Auditor for a company which deals with higher risk would require more advanced requirements. MDIA would consider the shared capital of the company, the customer base (and the risks involved), and other risks. The guidelines for the higher additional requirements for a riskier audit will be published in the coming days.
