Internal IT Auditor Job Description
Internal IT Auditor Duties & Responsibilities
To write an effective internal IT auditor job description, begin by listing detailed duties, responsibilities and expectations. We have included internal IT auditor job description templates that you can modify and use.
Sample responsibilities for this position include:
Internal IT Auditor Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Internal IT Auditor
List any licenses or certifications required by the position: CISA, CISSP, CIA, CPA, CISM, CIPT, CRISC, PMP, SOC, ISO
Education for Internal IT Auditor
Typically a job would require a certain level of education.
Employers hiring for the internal IT auditor job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and University Degree in Accounting, Computer Science, Finance, Information Systems, Business, Information Technology, Business/Administration, Education, Management Information Systems, MBA
Skills for Internal IT Auditor
Desired skills for internal IT auditor include:
Desired experience for internal IT auditor includes:
Internal IT Auditor Examples
Internal IT Auditor Job Description
- Seek to actively participate and contribute in various training, functions/initiatives which promote your own personal development, , the profile of the department
- Performing and documenting processes and drafting risk and control matrices
- Lead team efforts and as a result will be responsible for the logistics, planning and scoping of scheduled audits
- Coordinate and execute opening, update, and closing meetings
- Assess the reliability and integrity of IT and operating information and the means used to identify, measure, classify, and report such information
- Present audit findings or other relevant information to key stakeholders with respect to the effectiveness and adequacy of risk management, governance, and internal control procedures
- Actively develop, train, and supervise internal talent on a regular /daily/ basis
- Serve as a mentor and coach to staff members
- Drive planning, execution and management of information technology audits IT components of integrated audits
- Depending on assigned engagement, reports to member(s) of the internal audit management team
- Minimum 5-7 years IT / IT Audit experience in top tier or international public accounting firm or manufacturing operations
- Currently working within an audit / assurance role in industry or professional services
- Have exposure to dealing with senior stakeholders within a business
- Related tertiary qualification and a possible extra qualification such as CISA
- Relevant Degree, CIA / CISA Qualified or with a desire to study
- 3 - 10 years in Operational Audit and SOX (IT audit ok) in public OR internal audit
Internal IT Auditor Job Description
- Participate and lead integrated and IT audit engagements focusing on critical applications, trade execution, trade processing, IT core infrastructure, and IT general controls
- Support the Global Head of MCIA with audit planning, scope design, internal control assessment, escalation and reporting of issues, and monitoring of remediation plans
- Manage the semi-annual IT review conducted by the external auditors during the financial statement audit, including, but not limited to, documentation gathering, issue escalation, and management reporting
- Becoming a member of IT audit interest groups
- Performs Internal IT and Operational audit projects including audits of policies & procedures, processes, security, network, system configuration, database, application, and operating system specific audits SOX and other regulatory compliance audits
- Execute integrated IT audits of technology application and configuration controls
- Primarily responsible for leading the execution of IT audits from planning to report
- Examines information technology (IT) processes and systems by evaluating control risks and providing management with recommendations for improvements to policies, procedures and practices
- Evaluates the adequacy and effectiveness of general and key controls around IT systems and applications for SOX compliance and may develop and/or evaluate SOX test plans
- Actively communicates status and results with the project manager and other auditors assigned to the same audit
- Knowledgeable of change management techniques used to ensure application program changes are appropriately authorized, tested and approved for release to production
- Basic knowledge of Windows, Unix, Linux operating systems, and logical access controls, in order to understand how they compliment or enhance application logical access controls
- Basic knowledgeable about relational databases
- Able to effectively interact with senior management and maintain strong relationships with clients
- Able to travel up to 50-60% globally
- Minimum 2 years of information systems auditing or other relevant experience
Internal IT Auditor Job Description
- Reviewing and completing IT audit program steps
- Evaluating general computer and automated internal controls
- Identifying control and system weaknesses and control process improvements
- Identifying improvements in operational efficiencies
- Provide real time feedback to the plan or function for ways to make identified control or operational improvements
- Be aware of and address cyber security concerns that are applicable to the Company
- Document clear and concise work papers to support the audit work performed including evidencing the testing samples or procedures performed
- Perform data analytics and utilize data analytics software (IDEA)
- Prepare audit comments recommending improvements in IT internal controls and IT processes
- Actively participating in and/or leading opening audit meetings
- Programs and System Knowledge - Experience in auditing applications, interfaces, system infrastructure, information processing and general IT controls
- Ability to manage multiple projects concurrently with proper time and project management skills (e.g., following up on open items, meeting deadlines)
- Two (2) or more years of relevant audit work experience, preferably within a Big 4/5 environment, financial services industry
- Ability to apply auditing protocols
- IT security and control practices for relevant platforms and systems
- Bachelor's degree in Accounting /Finance, or Computer Science or related field
Internal IT Auditor Job Description
- Communicate with management and those subject to audit
- Coordinate and work with finance and operational auditors
- Conduct timely and effective audit planning, execution and reporting
- Contribute to the audit planning and audit reporting for specific audits
- Assist with other audit matters and projects as needed
- Performs/documents system and application walkthroughs
- Appraises adequacy of internal control systems by reviewing process flowcharts for appropriate design, policies and procedures and risk-based audit programs, and recommends enhancements to the system of internal controls
- Conducts interviews with auditees to understand processes and gather information to support audit scope and objectives
- Conducts Sarbanes Oxley 404 (SOX) and operational audit tests timely and accurately, documenting the audit results and related conclusions
- Ensures IT audit testing utilizes appropriate sampling techniques and data analysis (in accordance with Internal Audit's policies and procedures and IIA standards)
- Must be able to work as an individual contributor team player
- Four year degree in Accounting, Information Systems or related degree required
- Minimum of 1-2 years of auditing experience with a public accounting firm, preferably one of the “Big Four”
- Retail industry knowledge and experience preferred
- Strong accounting skills including general knowledge of generally accepted accounting principles (GAAP) preferred
- Virginia-licensed CPA or CISA preferred
Internal IT Auditor Job Description
- Prepare written draft audit reports for IT senior management
- Interact with senior levels of management (CIO, CFO, Controller, ) to communicate audit risks, issues and related corrective actions
- Interface with the external auditors to ensure adequate IT audit coverage and to encourage the sharing of information where practicable
- Play an important role in the administration of the Company’s control self-assessment program and various education efforts related to SOX 404, internal controls, and fraud risk management
- Contribute to IA Department management strategy to develop, sustain, and continuously enhance the image and perceived value of the IA within the Company
- Provide robust challenge on major projects
- Undertake investigation or special reviews
- Assist with the execution of the Company’s internal control testing program (SOX)
- Participate in IT operational audits based on a risk approach of the Company’s mills, corporate processes and other specific areas pursuant to the annual audit plan
- Identify instances of non-compliance with the Company’s policies, guidelines and procedures
- Plan and execute audits of client/server technology platforms (e.g., UNIX, Windows, and Mainframe) and evaluate IT internal controls and work collaboratively with management to identify actions needed
- Support audits and consulting engagements related to software development, general computing controls, client-server and open systems architecture, internet and intranet functionality, database extraction, technology strategy, data communication and network security
- Assess information technology control elements to mitigate IT risks regarding the confidentiality, integrity and availability of business information
- Acquire knowledge of departmental standards, develop an understanding of CA’s business, seek direction in prioritizing and managing time and comply with various project administrative responsibilities
- Provide or assist in providing training, coaching and guidance to Internal Audit staff in conducting IT audits and other audit-related issues
- Understanding of concepts related to information systems audit, including security and control risks such as logical and physical access security, change management, information security, business recovery practices and network technology