ESSENTIAL DUTIES AND RESPONSIBILITIES
Includes the following (Other duties may be assigned):
- Responsible for maintaining an expert knowledge of the IS audit profession, keeping abreast of new and proposed standards in the Auditing field. Primarily directs and oversees reviews in the Information Services environment to appraise:
- Plan, direct and oversee assigned reviews ensuring reliability and integrity of data; compliance with policies, plans, standards and regulations; effectiveness in accomplishment of department goals and objectives; protection of assets; and economy, effectiveness and efficiency in use of information
- Establishes scope, objectives, and determines appropriate audit test with management input
- Participates in the assignment of staff for each review
- Attends/Leads opening and closing conferences as assigned
- Prepares and monitors budget and completion of work on time; evaluates and documents variances. Primary responsibility for project management, meeting set deadlines
- Performs and oversees team member’s fieldwork in a competent and professional manner
- Ensures evidential support for all observations and issues. Prepares workpapers and performs detailed review and approval of project team members workpapers ensuring sound audit theory, adequate documentation, support of conclusions and compliance with standards
- Presents findings concisely and descriptively in both oral and written format to all levels of management
- Communicates recommendations for auditee consideration and meet with auditee to develop comprehensive action plans to resolve issues
- Prepares draft report and finalizes status memo for presentation to management. Responsible for the completeness and accuracy of entire report subject to approval
- Prepares performance evaluation at audit project team level and for direct reports
- Follow-up on findings arising from reviews and the completion of management action plans in accordance with established standards and report on completeness and status
- Instruct on proper audit techniques. Have above average comprehension and ability to assess validity of existing policy and procedures, compliance to regulations and to develop sound and effective alternatives
- Participation in system development and implementation audits/projects to ensure controls are built in up front in the SDLC process (System Development Life Cycle)
- Assists to complete IT risk assessment on a project level for all entities
- Prepares and implements an IT training plan for the department and individual professionals
- Works on and supervises selected operational, financial and compliance reviews to supplement IS responsibilities.
- Reviews systems and related data ensuring reliability and integrity of data. Performs audit tests as assigned while providing proper security for highly confidential and sensitive information
- Leads/Performs special investigations as required, maintains discretion in sensitive and confidential situations
- Participates in customer relationship team to develop strong audit client relationships
- Oversees the planning, development and execution of queries and data-mining analytics to isolate anomalies, trends, fraudulent activities and/or to conclude on audit objectives
- Reviews results of analysis and provides recommendations pertaining to the impact of issues to the company and any associated actions required to mitigate those issues
- Develops, maintains and continually improves the design, implementation, efficiency and automation of the continuous auditing reports, tools and techniques used to evaluate company-wide controls on a continual basis
- Oversees the research, analysis and performance of testing sufficient to conclude on fraud investigations, Ethics Point investigations, and special projects for distribution to management while providing for proper security of highly sensitive and confidential information
- Continually reviews manual audit processes, results of control effectiveness, in conjunction with MICS and SAS 112 compliance efforts to identify opportunities, implement solutions, leverage technology and automation to improve assurance, enhance efficiency, and reduce the cost of compliance and risk coverage
- Installs, maintains, supports and monitors departmental software applications and any related hardware (TeamMate, ACL, Microsoft SQL Server, Terminal Services, Microsoft Internet Information Server)
- Monitors and supports Audit Services computers. Provides training, as required for all Audit Services applications
- Provides IT asset administration and inventory tracking for Audit Services technology assets Organizes and plans application upgrades or security patches
- Maintains an audit lab environment for testing applications and administers the process from test to production implementation
- May perform other duties that may be assigned.
Supervises project activities of project team members. Ability to lead a team, handle conflict, time pressures and challenges. Participates in departmental IT planning and budgeting. Must be able to handle multiple projects and plan completion of those assignments in a timely manner. Applies leading practices, new technology, and industry trend knowledge and concepts in risk identification and audit planning. Direct interaction with departmental management and maintains a strong working relationship with management, audit clients and employees. Performs interviews with department personnel professionally. Maintains confidentiality of information. Teamwork focused.
EDUCATION and/or EXPERIENCE
Requires a minimum of a Bachelor’s Degree and 5 years related audit and/or IT experience. Supervisory/ Leadership experiencerequired.
KNOWLEDGE, SKILLS AND ABILITIES
- Experience performing complex data analysis preferred using a combination of tools such as Audit Command Language (ACL) and SQL
- Advanced working knowledge of Microsoft servers, databases and SharePoint administration, TeamMate, ACL, Data securityMS Office, Visio, Visual Basic, Visual Basic Script, Visual Basic for Applications, .NET, data mining and T-SQL
- Advanced IT auditing skills that includes working in and supervising at all phases of an IT operational and regulatory review
- Ability to work independently or as part of a team. Must have excellent written and verbal communication skills. Must be able to mentor/coach staff on IT and audit related topics/situations. Must have strong interpersonal skills with the ability to work with personnel at all organizational levels, including members of senior management. Must demonstrate business awareness. Must be able to obtain Gaming Licenses required by the CNGC and OHRC.
- Strong knowledge of internal control concepts, principles and techniques including COSO, NIST and COBIT frameworks.
- Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Microsoft Certified Systems Engineer (MCSE) or equivalent preferred
- Must be able to obtain and maintain a CNGC Gaming License.