IT Audit Analyst Job Description
IT Audit Analyst Duties & Responsibilities
To write an effective IT audit analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included IT audit analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
IT Audit Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for IT Audit Analyst
List any licenses or certifications required by the position: CISA, CISSP, CPA, CIA, CRISC, ICFR, CISM, CEO/CFO, CFE, CGEIT
Education for IT Audit Analyst
Typically a job would require a certain level of education.
Employers hiring for the IT audit analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Collage Degree in Computer Science, Accounting, Information Technology, Information Systems, Business, Finance, Business/Administration, Engineering, Education, Management Information Systems
Skills for IT Audit Analyst
Desired skills for IT audit analyst include:
Desired experience for IT audit analyst includes:
IT Audit Analyst Examples
IT Audit Analyst Job Description
- Develop the information security awareness, training and education program-s strategy and methodology
- Facilitate or lead development of accurate and relevant information security process and operational metrics
- Establish monitoring measures to detect and ensure correction of security breaches and policy violations
- Analyze and enhance the effectiveness of the Enterprise wide information security program
- A broad and deep knowledge of technical accounting and business practices
- Experience working with highly complex systems, and in extremely technical business environments
- Experience using computers, Microsoft products, report writers and audit software packages as audit tools
- Experience working with ACL analytics is a plus
- An objective, independent, mature, unbiased individual with the highest integrity
- Polished communication skills, including an ability to listen to the needs of the business units and comprehend complex matters
- Ability to work effectively across the organization, effectively soliciting full cooperation and being accepted by business partners as a true value add
- Excellent team player who works extremely well in a in a collaborative environment
- Ability to influence, train, mentor and leverage the skills of others to achieve objectives
- Assisting the CIA with preparation, proofing and editing of quarterly Audit Committee Status Report and Annual Audit Plan
- Proofing and editing internal audit reports and other correspondence for clarity, format, and, proper grammar and punctuation
- Producing monthly Management Action Status Report provided to Business Unit Heads and CEO
IT Audit Analyst Job Description
- Coordinate with independent auditors in executing audit procedures for the organization, including SOC1, SOC2, NIST
- Responsible for governance and reporting for general IT controls and automated application controls, which include SOX, PCI, FERPA, GLBA and other regulatory compliance
- Lead IT audit and compliance projects and initiatives to implement appropriate and effective IT controls
- Oversee design, implementation and continual operation of general IT controls, including access to programs and data, change management, SDLC and program development, and computer operations
- Coordinate and facilitate all IT audits and compliance projects, acting as an intermediary between internal and external auditors, and the IT department/organization
- Provide project management support to all IT audits and compliance projects, including documentation tracking and providing, and status management and reporting to internal management and external audit parties
- Design and implement compliance testing and documentation across all process domains
- Review audit results with appropriate management personnel and provide recommendations for remediation
- Write reports and develop presentations to communicate audit findings, control gaps and remediation efforts to management
- Oversee and facilitate remediation efforts with management personnel
- Excellent analytical skills, attention to detail, and a high level of initiative
- Experience working in industry’s best practice project management, SDLC, and QA Audit framework and tools, and process improvement models such as CMMI and Lean/Sig Sigma
- Leading specific audits of SOX or financial reporting, ISO27001, SOC, PCI-DSS and HIPAA, operational and regulatory audits, including planning individual audits, performing tests and reporting
- Supervising or reviewing tests prepared by analysts
- Full scope responsibility for delivery of a complete SOX, ISO 27001 and Internal audit unit
- Assisting managers in their objectives to interact with management to inform them and obtain their support for Compliance Programs and IA objectives
IT Audit Analyst Job Description
- Provide timely reporting of IT audit and compliance testing and remediation status of deficiencies, both internal and external
- Coordinate with internal and external auditors on delivering evidence for achieving and maintaining compliance and status on gap remediation
- Monitor and evaluate changes in industry law, regulations and compliance requirements and adjust scope as necessary
- Attend Service Review meetings, audit meetings, team meetings and departmental meetings
- Provide, collect and analyze key metrics to Managers and staff
- Provide suggestions on how to improve processes and support process improvement implementation
- Participate in implementation and monitoring of compliance software tools
- Must be willing to stay current, understand, document and defend information security concepts, practices, policies, and standards changes in regulatory and audit requirements with respect to information security and privacy for all applicable lines of business
- Ability to identify significant information security risks, execute design and implementation of strategies and programs to prevent or reduce the loss of organizational assets
- Address and/or escalate information security issues to the appropriate Information Risk Manager Director(s)
- CISA strongly preferred
- Three plus years of progressive experience and proven success within a large complex multi-national company
- Demonstrated knowledge and experience related to Information Systems risks, controls and auditing
- Solid understanding of the relationship of information systems, internal controls and business processes with financial statement assertions, including a solid understanding of SOX 404 controls and the underlying risks
- Understanding of effective application of accounting principles, regulations and financial analysis
- Foreign language skills and experience living or working abroad a plus
IT Audit Analyst Job Description
- Support information security audits, awareness and responsibilities throughout the organization to educate on information risks, and determine appropriate remediation as necessary
- Prepare and review activity reports as requested by management
- Develop strong relationships with management, company peers, and industry counterparts to ensure alignment of company goals with current information security industry and regulatory trends
- Keep information security management informed of information security issues and escalate in a timely manner as appropriate
- Manage IT audits and compliance related filings
- Manage, create and maintain technical security documents, processes, and procedures
- Interact with technical managers and development teams to maintain PCI DSS compliance
- Report appropriate metrics (key performance indicators) to measure the security program and related processes for both HIPAA and PCI DSS
- Lead and manage PCI Compliance audits
- Work closely with internal technology, application, legal and business teams to identify requirements for NIST/CMS, HIPAA/HITECH, HITRUST and other regulatory compliance requirements, develop implementation approaches and monitoring of their progress
- Audit experience at a large financial institution or auditing company
- Data center environmental and physical security controls
- IT operations, including service availability management, system monitoring and batch processing
- Change, problem & incident management
- IT asset management and inventories
- Platform engineering and support for mainframe, midrange and distributed platforms, including configuration, build, vulnerability and patch management
IT Audit Analyst Job Description
- Experience in information security program development is highly desired
- Understanding of ISO 27001/27002, NIST Cybersecurity Framework, and ITIL
- Communicate audit progress and results to both department and business unit management
- Document key IT controls and risks across operational and information security domains
- Support IT Audit & Compliance leader on business and technology related initiatives
- Monitor and track IT General Control (ATGC) documentation and evidence
- Create IT process flows and identify control points and weaknesses
- Develop working relationships with the business, and abroad understanding of business processes in order to translate technical issues into business-related decision points
- Assist in the implementation of new or enhanced processes
- Lead teams, emphasizing the supervising of staff by creating a positive working environment through the building of solid relationships with team members
- Data storage and transmission management
- IT end-user support services and tools, including work-station, messaging and mobile technologies
- 3-6+ years professional experience with background in controls, audit, quality assurance, IT risk management, and/or compliance required
- Data extracts, analysis, and report design and development, utilizing Microsoft Excel and other tools
- Development, coding, and management related applications for tracking and reporting Issues/Action Plans, Controls, and RCSA testing
- Experience using Business Intelligence tools is helpful