Summary of Job
Leads audit team in conducting comprehensive reviews of information systems that support businesses and product lines and rendering a report detailing control and operational improvements required. Will perform application reviews independently or assisting audit teams. Executing or providing guidance and/or assistance in executing audit software (ACL). Participate in otherInformation Technologyaudits. Provides a controls related oversight of information technology universe as an integrated part of the Audit & Advisory Services function.
? Based upon an understanding of the critical IT controls within the business process/area under review, develops a detailed risk assessment and the related audit planning memo and audit programs to test controls mitigating risks identified. Such controls may go beyond the normal IT general controls (15%).
? Performs tests and other review procedures to adequately examine business controls and identify areas of weakness or risk. Ensures that audit assignments are completed within established time limits (25%).
? Prepares audit workpapers and reviews workpapers submitted by audit staff for accuracy, completeness, and compliance to company and professional standards (25%).
? Prepares reports at the completion of each audit assignment on the results of the examination, makes recommendations where corrective action is needed. Ensures reports are produced timely after each assignment, highlighting weaknesses identified and recommendations for improved internal controls and procedures (25%).
? Participates in the training, development and motivation of staff to maintain standards of knowledge, skills and disciplines essential to the performance of internal audit (5%).
? Other duties as assigned (5%).
Dimension of the Job
Reports to: Manager, Information Technology
Scope of Responsibility:
? Has to be completely current in the information technology area, especially with recent development in various technologies and technology related events. Is capable of working independently or serving as “in-charge” of audit team in planning, organizing, reporting and completing IT operational and application audits or special projects.
? Capable of working with or as part of an integrated team with Financial/Operational auditors or directly with the highest levels of Operating or IT management.
? Understands all information technology aspects of areas under review and the related control requirements. Develops and executes audit procedures to comprehensively test critical controls that mitigate general/generic and specific risks identified to the area under review.
? Fully understands businesses and information technology strategy (at the conceptual as well as the execution level) and can communicate this knowledge to non-IT professionals within and outside the Audit & Advisory Services function
? Provides on the job training and coaching to both IT Audit and Financial/Operational staff in the areas of IT controls and data retrieval and analysis using ACL.
? Establishes and maintains effective working relationships with management and staff. Demonstrates the highest degree of professionalism and competence.
? Travel requirements 15%.
Business Experience/Educational Background
Strong process and analysis skills. Demonstrate critical thinking relative to his/her area of technical expertise and business acumen. High level of IT knowledge, particularly in operations, data security and controls. Excellent interpersonal, written and verbal communication skills. Strong PC skills. Minimum of seven years of experience to include IT general controls, application controls, information security, data center (mainframe and client/server) and operational IT audits along with application reviews of ERP systems. In depth experience in data extraction and analysis using specialized audit software (ACL preferred). BS or BA in Information Systems, Computer Science, or a related business field is required. CISA preferred, CPA/MBA a plus.