Ayanda Hlongwane
Fourways
Summary
A Certified Information Systems Auditor (CISA) with over five years of experience in IT audit and technology risk management, specifically within consulting and financial services. I have conducted IT technical audits, compliance reviews, cybersecurity assessments, and business process reviews across the financial services, telecommunications, insurance, and manufacturing sectors. I am passionate about driving business resilience by identifying control gaps, mitigating risks, and optimizing processes.
Overview
7
7
years of professional experience
Work History
Assistant Manager - Internal Audit
Bidvest Bank
Sandton
05.2023 - Current
- Lead and execute IT audit engagements across IT General Controls (ITGC), cybersecurity, and regulatory compliance domains.
- Design and implement risk-based IT audit plans aligned with industry standards and regulatory expectations.
- Evaluate the effectiveness of IT security controls, data protection strategies, and incident response capabilities.
- Collaborate with cross-functional teams to strengthen IT governance and enhance control frameworks.
- Manage internal audit reporting processes, communicate key findings to senior leadership, and drive actionable risk mitigation.
- Ensure adherence to regulatory frameworks such as NIST, AML, RDARR, and other applicable industry standards.
- Assist in managing and executing the Internal Audit Plan, as approved by the Audit Committee, and ensuring timely delivery of audit engagements in line with strategic priorities and risk assessments.
Senior IT Auditor
BDO LLP
London
08.2022 - 04.2023
- Evaluated the effectiveness of existing internal control mechanisms in order to provide assurance that information is secure and reliable.
- Conduct infrastructure audits, including assessments of database controls, operating system configurations, and network security controls, to ensure robust and secure IT environments.
- Leverage data analytics (DA) to enhance audit planning, identify risk indicators, and drive efficiencies during audit fieldwork and testing procedures.
- Perform cybersecurity assessments to evaluate the organization's security posture, identify vulnerabilities, and ensure alignment with industry standards.
- Review and assess SOC (System and Organization Controls) reports to evaluate third-party risk.
Audit Associate
Ernst and Young (EY)
Sandton
03.2020 - 07.2022
- Conduct IT audits on SAP systems covering Basis configurations, user authorizations, SAP application controls, and SOX compliance.
- Perform IT audits on non-SAP applications, including assessments of IT General Controls (ITGCs), and IT application controls.
- Identify and evaluate General IT Controls (GITCs) and associated risks, performing control testing, and assessing effectiveness.
- Execute SOX control testing, including application and interface controls, to support external audit reliance.
- Assess and test application controls to support financial audit objectives, and compliance requirements.
- Evaluate interface controls to ensure data integrity across integrated systems.
- Respond to ineffective GITC evaluations by engaging with clients, discussing findings, and providing practical recommendations.
Risk Analyst
Platinum Life
Sandton
06.2018 - 02.2020
- Conduct client data generation, research, and collection to support actuarial and risk-based analyses.
- Analyze health-related data to assess client risk profiles and support accurate classification for premium pricing.
- Collect and evaluate prospective clients' health information to determine appropriate risk categorization for tailored insurance solutions.
- Assist in aligning health cover recommendations with each client’s medical needs and risk classification.
Education
Certified Information Systems Auditor - Auditing
Information Systems Audit And Control Association
06-2025
Bachelor of Commerce - Management Information Systems
University of Johannesburg
Johannesburg11-2016
Bachelor of Commerce - Management Information Systems
University of Johannesburg
Johannesburg11-2015
National Senior Certificate -
Cladelton College
12-2012
Skills
- Risk management
- Data analytics, SQL
- Regulatory compliance
- Cybersecurity assessment
- Control testing
- Sap GRC (governance, risk, and compliance)
- SAP (Basis, authorizations, application controls)
- COBIT framework
- Nist cybersecurity framework
- ISO 27001
References
References available upon request.
Timeline
Assistant Manager - Internal Audit
Bidvest Bank
05.2023 - Current
Senior IT Auditor
BDO LLP
08.2022 - 04.2023
Audit Associate
Ernst and Young (EY)
03.2020 - 07.2022
Risk Analyst
Platinum Life
06.2018 - 02.2020
Certified Information Systems Auditor - Auditing
Information Systems Audit And Control Association
Bachelor of Commerce - Management Information Systems
University of Johannesburg
Bachelor of Commerce - Management Information Systems
University of Johannesburg
National Senior Certificate -
Cladelton College
Similar Profiles
Mosoeu Khabelo Gladwin RabotapiMosoeu Khabelo Gladwin Rabotapi
Accountant at Bidvest BankAccountant at Bidvest Bank
Hellen HlongwaneHellen Hlongwane
Fraud Prevention Analyst at Bidvest BankFraud Prevention Analyst at Bidvest Bank
Nonhlanhla NgwenyaNonhlanhla Ngwenya
Call Centre Team Leader at Bidvest BankCall Centre Team Leader at Bidvest Bank
Thembela MasoetsaThembela Masoetsa
Co-Manufacturing Plant Controller at Nestle SA (Pty) LtdCo-Manufacturing Plant Controller at Nestle SA (Pty) Ltd
Mainah Mura MachombeMainah Mura Machombe
Vetting, Leasing and Billing Manager at Houss RentalsVetting, Leasing and Billing Manager at Houss Rentals