Job DescriptionJOB SUMMARY
The IT Audit Manager will play a key role in the development and execution of the IT audit strategy and should possess a strong understanding of information technology, finance, operational and compliance related risks and controls. This individual will interact on a regular basis with all levels of management and will be responsible for developing a strong strategic partnership with the Information Technology function. In addition, this position will directly supervise two direct reports and will be responsible for coaching and developing associates in preparation for new roles and additional responsibilities.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Leads teams conducting or individually performs audits in accordance with Generally Accepted Auditing Standards as set forth by the AICPA, the Standards for the Professional Practice of Internal Audit as set forth by the IIA, and department standards:
- Leads the preparation of detailed plans for performing individual audits including the identification of key risks and controls, determination of audit objectives, and development of an appropriate audit program. Determines and monitors the necessary budget to complete the project.
- Analyze IT environment including: operating systems, applications, infrastructure, policies and procedures, etc
- Leads audit activities in a professional manner.
- Defines scope and testing procedures, using data analytics where appropriate.
- Monitor and provide periodic status updates on each project.
- Reviews and prepares audit work papers in accordance with department and professional standards that document all audit procedures, findings and recommendations.
- Explores alternative courses of action for correcting control weaknesses, resolving operating problems or improving performance, and prepares recommendations.
- Leads the presentation and review of audit findings, including root causes with members of operating management.
- Analyzes the adequacy of actions initiated or proposed by management to implement or improve internal controls, or improve operational effectiveness. Follows up to ensure acceptable and timely execution of management action plans.
- Writes audit reports designed to provide management and the Audit Committee of the Board of Directors with an objective assessment of systems, processes and operations, and management’s planned corrective actions.
- Performs special assignments, studies, or special projects as assigned.
Leads all aspects of the HRB enterprise process to achieve compliance with Information Technology requirements within Sarbanes-Oxley (SOX):
- Continually refine methodology as internal, external, and regulatory requirements change.
- Lead continuous improvements efforts within the program while maintaining high levels of quality and execution.
- Facilitate the process for management’s evaluation of the effectiveness of internal controls over financial reporting and evaluation of changes to internal controls over financial reporting and related systems.
- Coordinate with IT Governance, External Auditors, and management for all aspects of the IT SOX program.
Monitors performance and develop team members to ensure consistent, effective, and efficient performance. Prepares and delivers associate annual performance reviews, including performance metrics for each performance objective. Conduct employment interviews, make hiring decisions, and participate in corrective action as needed.
Lead the development and execution of a comprehensive audit plan based upon risk assessment, management’s goals and objectives, and the requirements of the Audit Committee. Gathers information about potential audit areas, assists with assessing the degree of inherent risk and estimating the time required to complete audit projects.
Perform or assist in the performance of special projects or studies, including risk assessments, fraud investigations, audit department policy updates, security incident reviews, etc.
Participates in professional associations and maintains relationships with counterparts in other companies, in order to stay abreast of professional technical trends and techniques. Review and analyze new, proposed, or revised laws, regulations, policies, and procedures in order to interpret their meaning and determine impact to the company.
- Bachelor’s degree in computer science, accounting, finance or a related field
- Certification as a Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or other certification for which Internal Audit has a need.
- A minimum of five years audit experience in an environment that provides exposure to sophisticated IT, operational and financial audit techniques. Equivalent experience in a technical capacity is acceptable in lieu of direct audit experience.
- Expertise of SOX compliance requirements and has a track record of leading and executing successful SOX audits.
- Mastery understanding of concepts related to information systems audit, including security and control risks such as logical and physical access security, change management, information security, business recovery practices and network technology.
- Knowledge of auditing principles and techniques including knowledge of Generally Accepted Auditing Standards and the Standards for the Professional Practice of Internal Audit.
- Demonstrated critical thinking and analytical skills.
- Demonstrated organizational and leadership skills, including the ability to successfully manage multiple projects simultaneously.
- Exceptional oral and written communication skills suitable for all levels of management. Ability to negotiate and inspire corrective action by management and influence internal and external parties
- Demonstrated commitment to continuous personal professional development.
- Ability to work effectively as a team member of a diverse work group.
- Familiarity with COSO, COBIT, ISO and ITIL frameworks
- Operational knowledge of Generally Accepted Auditing Standards and the Standards for the Professional Practice of Internal Audit.
- Self-starter, with the ability to work independently with minimal supervision.
- Proficient in the use of MS Word, Excel, PowerPoint and Visio.
- Big 4 or large firm experience.
- Experience with TeamMate software.
- Data analytics experience, preferably in ACL.
- Information Security experience
- Masters degree in IT, business, accounting or another relevant discipline