IT Audit Job Description
IT audit
provides external audit support to annual reviews and certifications (SSAE-16 (SOC 1/SOC 2), PCI DSS, and ISO 27001/27701).
IT Audit Duties & Responsibilities
To write an effective IT audit job description, begin by listing detailed duties, responsibilities and expectations. We have included IT audit job description templates that you can modify and use.
Sample responsibilities for this position include:
Define data needs for computer assisted auditing tools and techniques (CAATTs) to increase the efficiency of the audit process
Delivering on-time high quality audit reports, internal audit and regulatory issues validation
Maintain technical expertise and apply leading practices in advanced audit techniques
Keeping abreast of evolving technology and audit techniques/practices
Prepare audit reports and present observations, recommendations, and management action plans to senior management
Preparing reports of audit findings for senior management at local, global, functional and Group levels
Develop strong understanding of the Enterprise Data Management processes and businesses audited and the role of technology to support the business processes
Managing multiple teams of audit professionals, recruiting staffs, developing talents, and building an effective team to support financial/operational audit team and clients
Overseeing and driving Information Technology audit coverage in accordance with departmental, Institute of Internal Auditors Standards, and regulatory expectations and requirements
Annual audit planning, resource allocation, and budgeting
IT Audit Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for IT Audit
List any licenses or certifications required by the position: CISA, CISSP, CIA, CISM, CPA, CRMA, PMP, GIAC, PPM, CITP
Education for IT Audit
Typically a job would require a certain level of education.
Employers hiring for the IT audit job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and University Degree in Accounting, Computer Science, Finance, Information Systems, Business, Management Information Systems, Information Technology, Business/Administration, Technology, Computer Information Systems
Skills for IT Audit
Desired skills for IT audit include:
Sarbanes-Oxley Act provisions and methodologies for achieving compliance
Audit reports
Work programs
Control summaries
SQL
Audit methodologies and developing key internal audit deliverables
Oracle
Active Directory
ISO 27001/2
Techniques
Desired experience for IT audit includes:
Ability to manage staff and lead cross functional teams comprised of diverse backgrounds and skill sets
Leadership and ability to motivate team to deliver high quality results
A high degree of enthusiasm and energy
Strong understanding of inherent technology risks and the ability to articulate/translate technology residual risks into business language/business impact
Strong personal integrity with high ethical standards and treating people with respect
Excellent project & time management skills with proven ability to meet deadlines
IT Audit Examples
1
IT Audit Job Description
Job Description Example
Our growing company is looking to fill the role of IT audit. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for IT audit
- Continually assessing and revising the strategy and direction of the program of audit coverage for designated clients based on industry changes, clients business and technology changes
- Maintaining strong relationship and partnership with Senior Executives and ability to proactively seek, engage, and provide risk and control advisories to clients’ technology landscape
- Applying comprehensive business and industry knowledge to the team to focus on risks associated with the Technology controls
- Meeting with regulators, internal and external Sox team to discuss audit plans and negotiate Sox reliance
- Identify risk area and efficiencies in system evaluations
- Develop IT audit programs and prepare associated communications to Internal Audit (IA) staff and stakeholders with an emphasis on technology
- Complete IT audits through effective time/budget management, measure progress, and propose revisions to reflect changing priorities
- Coordinate completion of audits in assigned areas with other IA associates to ensure integration of cross-functional business and information technology
- Liaise with T&O and CM application groups to ensure agreement with content and methodology of audits
- Provide value by helping management on all levels in T&O and CM application groups to identify and mitigate
Qualifications for IT audit
- Prior public accounting firm experience serving mid to large public clients
- Public accounting/consulting firm experience preferred
- University graduate in Information System, Accounting or Finance with CISA qualification
- A minimum of 6 years IT audit experience from Big 4 and/or commercial industry
- Minimum of 2 or more years of experience in Information Technology, demonstrating a steady growth of skills and responsibility
- Undertake a consultative style with audit clients to improve risk management and control environment
2
IT Audit Job Description
Job Description Example
Our company is looking for an IT audit. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for IT audit
- Conducting IT audits across the business
- Supporting on IT related matters with regulators and external auditors
- Ensuring compliance and identifying potential risks within areas in IT
- Ensure timely communication to audit manager and relevant stakeholders regarding the risks, recommendations, and progress of the audit work
- Assisting clients in optimizing their risk and internal control activities, including control effectiveness and optimization activities
- Establishing IT is aligned to organizational strategy, responsive to a changing business climate, with clearly defined policies and procedures
- Assessing and enhancing the controls around system implementations and other change events through a clearly defined project management methodology
- Performing readiness assessments for service organizations that may need an opinion level report in the future
- Assisting clients in leveraging their technology investments to help establish, optimize, and sustain a real-time controls environment at an enterprise level
- Supporting controls and systems related aspects of internal audits and external financial audits in the areas of planning, audit strategy, scoping, execution, and deficiency evaluation
Qualifications for IT audit
- Ability to work independently part of team
- Industry certifications such as CISSP, CISA, CISM, COBIT, ITIL, or SANS GIAC
- Proficient in the assessment of control design and operational effectiveness
- Proven ability to interface effectively across all levels of management
- More than 8 years of experience in banking related enterprise business applications, IT audits, risk assessment and management, and/or relevant internal audit works
- Ability to analyze and form an opinion on risks and controls relating to systems and link to associated
3
IT Audit Job Description
Job Description Example
Our innovative and growing company is looking to fill the role of IT audit. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for IT audit
- The position will work as team member in a global audit team together with Principal Audit Managers
- The position offers the opportunity to develop relationships across the company's franchise and to communicate orally and in writing the results of the work to clients at all levels
- Working with the financial and internal audit staff and client management to ensure that all areas of the audit and compliance process are completed to the highest standards
- Supporting the Regional IT Audit and Risk Director in the development of the rolling audit plan and performing business risk assessments
- Validate that IT audit work considers current and future technology issues and practices
- Formulate and agree with auditees the action plans and implementation schedules to rectify and control anomalies
- Manages and oversees a portfolio of internal audits
- Involvement in strategic projects and initiatives through the provision of risk, control and governance consultancy
- This position will engage with internal Business Units in strategic planning discussions which include
- Devises and recommends remedies to faulty systems and procedures
Qualifications for IT audit
- Ability to prioritize tasks, as several assignments may occur concurrently
- Willingness to stay abreast of new developments in technology, with a special focus on their effect on systems security
- Knowledge of operating system technology
- Plan, organize and manage multiple responsibilities and resources
- Manage assignment budget and profitability in area of responsibility
- 2+ years of experience leading IT Audit and/or Technology Risk Management engagements and working with Auditing standards, Information Security Compliance and relevant Regulatory requirements (including the Sarbanes-Oxley Act, COSO, CobiT and SAS-70)
4
IT Audit Job Description
Job Description Example
Our growing company is looking to fill the role of IT audit. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for IT audit
- 7+ years of IT audit, people supervisory experience, some of it at a public company
- Reporting to the AP (IT Audit & Change), you will take a lead role in delivery of IT audit assignments covering a range of Technology areas ensuring the provision of assurance in relation to the adequacy, effectiveness and sustainability of key risk management, control and governance processes
- Support the AP in delivering a reliable periodic opinion on the adequacy, effectiveness and sustainability of key risk management, control and governance processes and ensuring the rationale for the GA assessment is communicated clearly to Senior Management
- Take responsibility for the execution of a portfolio of IT audits and deliver to budget, time and quality requirements in line with GA methodology and professional best practice
- Support the AP in driving meaningful business change through the audit delivery process and champion continuous improvement of risk management and control across the Group in respect of the above functional areas
- Attend relevant governance committees and fora within IT and Change governance areas to build influence across the Group
- Develops technology risk based strategic and operational plans for the work group, manages execution, and measures results
- Ensures that work is conducted in accordance with relevant professional standards
- Review and approve audit plans and activities for business and information systems audits
- Lead day to day execution of IT and business process assessment related to a pre-implementation review of an SAP ERP system
Qualifications for IT audit
- Bachelor degree or equivalent combination of education
- Excellent verbal and written communication skills, self-motivation, and be able to work independently
- Minimum of 2 or more years of experience in Information Technology, demonstrating a steady growth of skills and responsibility required
- 2 years of SOX IT Audit experience preferred
- Ability to adapt to change, company has many different complex systems and an ever changing technical landscape
- Ability to translate technical issues and understandable business related decisions for management
5
IT Audit Job Description
Job Description Example
Our company is growing rapidly and is hiring for an IT audit. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for IT audit
- The senior manager works with Components on engagement issues and works with Partner/Principal/Director to resolve staffing and resource issues
- In addition, these individuals apply their expertise to the practical issues they identify or those presented by the client
- Deliver a complex portfolio of technology and integrated audits, with a focus on applications, system infrastructure, general computer controls, and data analytics
- Partner with the Head of Audit - North America to ensure all key specialist risks are appropriately covered for Commercial Banking
- Plan, organize and deliver work on audit engagements
- Facilitate corporate IT audits (SOX)
- Management and direction of assigned staff to ensure completion of complex IT audits within departmental and professional standards in established timeframes
- Assist in the development and ensure timely execution of the IT audit plan
- Coordinate effectively with Executive Director – Global IT and global audit team to complete global projects as assigned
- Support ASG regulatory, operational and financial audit engagements that require IT audit specialists
Qualifications for IT audit
- Notable (at least 5 years) experience in the disciplines outlined above with a minimum 3 years' experience in IT audit is a pre-requisite
- University Degree in Information Technology, Computer Engineering or any relevant field
- An industry-recognised security certification such as CISA, CISM, CISSP or equivalent will be beneficial
- Strong written / verbal communication skills and the ability to communicate effectively in conflicts and at all management levels
- IT, systems, engineering or similar degree
- CISA, CISM or equivalent