|
General
Summary
The
Senior Information Systems Auditor position is responsible for performing
information systems audit work throughout the University of Minnesota
including audits of complex computer applications and technological
solutions. Incumbents are expected to have information systems audit
experience and to demonstrate proficiency in performing information
systems audit work which conforms to professional standards. Work
assigned to incumbents will generally be well defined and is expected
to be carried out with limited supervision. The complexity and size
of audit assignments will vary significantly. Decisions regarding
the scope of work performed, nature of testing completed, and the
reporting disposition of results may be delegated to this position
with oversight by the Information Systems Manager.
Job
Description
A
Senior Information Systems Auditor is expected to:
-
Possess
a working knowledge of the University of Minnesota: its business
processes; policies and procedures; governance practices; and
regulatory obligations as it relates to information systems.
-
Demonstrate
proficiency in applying information systems audit principles,
skills and techniques in reviewing and testing computer applications
and information systems technology of varying complexity utilized
by the University and its affiliates.
-
Execute
the audit process on a wide variety of computing environments
and computer applications and accurately interpret results against
defined criteria and do so such that the work is competently
and efficiently performed in accordance with professional and
departmental standards.
-
Apply
internal control concepts in a wide variety of information technology
processes and appropriately assess the exposures resulting from
ineffective or missing control practices.
-
Understand
the financial, operational, and compliance risks which affect
information systems design, modification and processing activities,
demonstrate the ability to identify and appropriately dimension
those risks, and formulate recommendations which are appropriate,
practical and cost-effective.
-
Prioritize
work so resources are devoted to areas of highest risk.
-
Consistently
document relevant facts and information which support the work
performed and conclusions drawn so other reviewers can follow
the auditor's logic and methodology.
-
Effectively
evaluate audit results, weighing the relevancy, accuracy, and
perspective of conclusions against the accumulated audit evidence.
-
Be
effective in communicating audit results, both verbally and
in writing, so they are persuasive, placed in the appropriate
context, and understood by the recipient.
-
Be
able to complete work with limited instructions, yet know when
to seek guidance from supervising staff when circumstances warrant.
-
Complete
work assignments independently as part of a team project.
-
Interact
effectively with a wide variety of people in a wide variety
of settings.
-
Demonstrate
effective time management skills by completing assignments within
time budgets and calendar schedules while handling multiple
tasks.
-
Exhibit
creativity and innovation in recommending improvements to departmental
audit practices and processes.
-
Engage
in professional development activities, including completion
of a professional certification program.
Incumbents
will also begin developing the skills necessary for managing information
systems audit engagements including planning, development of programs
of audit testing and evaluation, staff supervision and evaluation,
quality assurance, and reporting of audit results through participation
in these activities under the direction of a Information Systems
Audit Manager. Small, routine information system audits may be assigned
to Senior Auditors to aid in this skill development.
Some
specialization may occur during tenure in this position. Incumbents
may pursue specialized training and experiential development in
areas such as UNIX operating systems, Novell operating systems,
network firewall configurations and controls, RACF security, etc..
The
Senior Information Systems Auditor position may have limited supervisory
responsibilities, providing work direction to a small number of
assisting staff on audit assignments. Incumbents may also give work
assignments or directions to staff support personnel or student
interns.
Incumbents
generally interact with departmental management., although some
interaction with higher level employees may occur when directed
by the Information Systems Manager. Interaction is expected to occur
during audit projects as well as on a consulting/advisory basis.
Incumbents
must be comfortable working in ambiguous and/or stressful situations.
Flexibility, ability to change priorities quickly, and capacity
to handle multiple tasks are often required of this position.
The
Senior Information Systems auditor may also be responsible for designing
and building small automation tools for use by the entire audit
department.
The
Senior Information Systems auditor may provide some training on
identifying high level information system risk to the financial
auditors.
Skill
and Designation Requirements
The
position requires:
-
Bachelor's
degree with business emphasis in a related field
-
2
to 4 years of information system audit experience
-
Demonstrated
skills in performing Information systems audit process
-
Effective
interpersonal skills
-
Effective
verbal and written communications skills
-
Critical
thinking and analytical skills
-
Computer
literacy
Periodic
in-state travel may be required.
Overtime may be required occasionally to complete work assignments
on time.
Preferred
Skills and Designations
We
would prefer that the incumbent have some or all of the following
designations and skills:
-
Have
or pursuing a CISA, CPA or CIA certification
-
Skills
in using Microsoft windows based software
-
SAS
programming skills
-
Experience
auditing Novell, UNIX and Apple operating systems
-
Experience
auditing network firewall concepts
-
Experience
auditing RACF security systems
- Reports
To
-
Information
Systems Audit Manager
|
Return
to: Audits : U
of M Home
