This post provides detailed information on the senior IT auditor job description, including the key duties, tasks, and responsibilities that they typically perform.
It also highlights the major requirements that you may be expected to fulfill to be hired for the senior IT auditor role by most recruiters/employers.
What Does a Senior IT Auditor Do?
The senior IT auditor has the responsibility to design, plan, and implement an organization’s IT audit programs taking into consideration its risk assessments.
Working in a highly integrated audit environment, the senior IT auditor’s job description entails documenting risks and communicating them to appropriate departments and personnel of the organization, giving advice on recommended process changes and control issues, and ensuring improvement are effected on existing practices by supervising corrective actions on them.
He/she carries out the creation and coordination of assessments on IT/business risk; development and implementation of business/IT audit testing plan and ensures the results are discussed with management; and provision of guidance and leadership on issues concerning control.
The senior IT auditor’s role in an organization also involves evaluating control environment in reflection of immerging trends in the information technology space, including cloud computing, BYOD, and social media.
He/she is responsible for evaluating information system development and processes of execution against life cycles of system development and project management.
It is also part of his/her duties to find ways to expand coverage and efficiencies for audit projects by identifying opportunities for the application of computer supported audit techniques.
He/she performs documentation and summarization of action plans, recommendations, and findings in an audit report.
The auditor discusses with the business management and IT and arrives at a consensus on findings and recommendations.
He/she also presents reports to the Audit Committee, business management, and audit management.
The work description of the senior IT auditor entails tracking and managing all audit issues to completion and making sure that responses from management are received in a timely manner, and that audit issues conform to recommendations, as well as having an estimated completion date that is reasonable.
The auditor also has the obligation to serve as a department resource to answer relevant questions and provide guidance on technical matters in the organization.
He/she gives support to other auditors by extracting and providing them with relevant data for analysis.
His/her purpose in an organization also entails supporting external audits and regulatory examinations by preparing and submitting relevant documentation and reports that are being requested.
Senior IT Auditor Job Description Example/Sample/Template
The job of the senior IT auditor entails various functions in ensuring the success of an organization’s IT audit programs.
The specific duties, tasks, and responsibilities an individual will expect to perform on the role in most organizations are shown in the job description example below:
- Carry out review of organizational activities assigned following departmental standards, as well as the Standards for the Professional Practice of Internal Audit
- Following department and professional standards, plan, develop and execute corporate IT audit projects created to provide accurate assessment of operational performance and internal control processes
- Produce and review reports and audit work papers, ensuring effective documentation of results of reviews on assigned activities that have been made, as well as the recommended action that management should take, for easy follow up
- Identify potential IT risks and related issues by applying knowledge of Information Technology industry trends and present IT environment
- Perform the required IT audits of the organization as an individual or working in a team, following both established department standards and the Standards for the Professional Practice of Internal Audit established by the IIA
- Make comprehensive plans to carry out individual audit tasks, including determination of audit objectives, identifying major controls and risks, and creating the right audit program; make recommendation of required budget and staff to complete the project
- Produce report of audit functions to enable the Audit Committee of the Board of Directors and the Corporate and operating management make objective assessment of processes and operations, systems, and planned corrective actions by management
- Take part in major IT initiatives and projects as well as in reviews of security systems and internal controls under development
- Participate in developing and implementing a detailed audit plan that takes into consideration risk assessment, goals and objectives of management, as well as the Board Audit Committee requirements
- Carry out estimation of skills and time needed to complete audit projects; find out potential audit areas; and provide assistance in determining the level of inherent risk
- Participate in special projects or studies such as fraud investigation, risk assessment, due diligence acquisition reviews, audit department policy updates, etc.
- Assist in meeting the requirements for the quarterly and annual SOX 302 and 404 certifications.
Requirements – Skills, Abilities, and Knowledge – for the Senior IT Auditor Role
When applying for the job of an IT auditor in the senior category, employers will generally want to be sure that you have the ability, knowledge, skills, experience, etc. to successfully carry out the objectives, purpose, and responsibilities of the role.
Shown below are major requirements most hirers may expect you to fulfil before given the chance for an interview to access the senior IT auditor position:
- Possess advanced knowledge of network and application vulnerability assessment, IT practices, risk assessment practices, change control, data privacy, and business continuity
- Broad audit experience across various areas of IT, including databases, operating systems, and applications
- Strong proficiency and skills with database applications, including Access and SQL, Microsoft Office and other related technologies
- Strong ability to give attention to detail in addition to organization and project management skills
- Possess sound judgment, business risk awareness, and inquisitive personality; ability to think critically and critic event and outcome professionally
- Strong ability to research and gather information from both business and IT functions
- Strong analytical and problem solving skills to resolve issues promptly as they occur
- Strong ability to work collaboratively and cooperatively with all employees irrespective of their status in the organization
- Strong presentation, verbal and written communication, and interviewing skills
- Exceptional ability to work on and manage multiple projects and responsibilities effectively
- Exceptional interpersonal skills to get other people to put in additional efforts at achieving departmental goals, as well as to build consensus across diverse teams
- Strong knowledge of the various auditing standards recognized in the industry, including ISACA IS Audit and Assurance Standards and Guidelines and Institute of Internal Auditors (IIA) Standards and Guidelines
- Possess Bachelor’s degree in Computer Science, Information Systems, or in other related field
- Possess any of the recognized certification in the industry, such as the Certified Information Systems Security Professional (CISSP) or the Certified Information Systems Auditor (CISA).
If you are hiring for the position of a senior IT auditor in your organization, the sample job description provided in this article will help you create a good description that perfectly presents the purpose, objectives, and obligations of the role so that interested candidates can be properly guided.
This post also presents exhaustive information about the senior IT auditor’s duties and responsibilities for individuals interested in the career to learn all they need to about it.