The position of Information Systems Auditor assist in ensuring the Credit Union maintains adequate information systems and operational risk, and is in full compliance with all banking laws, regulations, and internal policy and procedures. This position conducts independent IT audits and risk assessments of the Credit Union to assess the effectiveness of controls, procedures, and policies; efficiency of operations, and compliance with federal and state regulations; provide documentation of the Credit Union's internal control systems; report findings and make recommendations.
Essential Functions, in Priority Order: (Majority of duties, but not meant to be all inclusive or prevent other duties from being assigned as necessary)
Plan and execute a risk based Information Systems audit program, including identifying and analyzing risks, planning and prioritizing the audit work, conducting audit interviews, observing operations, documenting and analyzing procedures and controls, performing audit tests, preparing appropriate work papers, developing audit recommendations, tracking audit findings, reviewing them with appropriate management, and preparing audit report in an accurate and timely manner. Time: 40%
Plan and support risk assessment projects related to many areas of the Information Systems. Responsible for the completion of all risk based assignments effectively and within the scheduled time frame as well as quantifying and tracking all findings. Time: 20%
Assist in Vendor Due Diligence (GLBA) compliance as needed. Time: 10%
Act as liaison with the Credit Union’s IT department to ensure full understanding of data flow, data integrity, and system security. Time 10%
Represent Internal Audit on organizational project teams, at management meetings, and with external organizations. Time 10%
Coordinates, organizes and assigns work to external auditors and vendors as necessary to ensure proper risk coverage. Time 5%
Keep abreast of related field developments and maintain up-to-date knowledge of the information technology auditing and information security areas of interest to the organization. Time: 5%
Working Relationships/Contacts (Positions with which incumbent has frequent contact)
Daily, personal/written/phone contact with other department managers and staff.
Weekly, personal/written/phone contact with Credit Union members.
Weekly/monthly, personal/written/phone contact with strategic partners.
Physical Demands (Physical effort generally associated with this position)
Work involves standing and walking for brief periods of time, but most work is done from a seated position. There is potential for eyestrain from reading detailed reports and computer screen. Deadlines, workloads and pressure to achieve goals may cause increased stress levels.
Working Conditions (Typical working conditions associated with this type of work and environmental hazards, if any, that may be encountered in performing the duties of this position)
Internal -- work is normally performed in climate controlled office environment, where exposure to conditions of extreme heat/cold, poor ventilation, fumes and gases is very limited. Noise level is moderate and includes sounds of normal office equipment (computers, telephones, etc). No known environmental hazards are encountered in normal performance of duties. Length of day is unpredictable; long hours may be required to accommodate deadlines or special meetings.
External -- Some travel may be required; however, information on environmental conditions is not available.
Accountability (Budget/asset amount managed, revenues produced, and/or other financial resource incumbent is accountable for. Also indicates judgement/decision-making level)
Carry out assigned responsibilities with minimum number of errors according to established department standards
Provide accurate assessments on Credit Union’s business risks, information systems, of internal controls, and level of compliance with policies, regulations, and applicable laws
Build relationships through the Credit Union to ensure concerns are identified and resolved in a timely manner
Perform audit and prepare audit reports which identify problems, make recommendations, and help facilitate resolutions
Assist external auditors, other regulatory agencies, and vendors as requested
Maintain files and support documentation for audit and other assignments
A significant level of trust and diplomacy is required, in addition to normal courtesy and tact. Work involves extensive personal contact with others and/or can be of a personal or sensitive nature. Outside contacts become important and fostering sound relationships with other entities (audit firms, examiners, and vendors)
Knowledge of management information systems terminology, concepts, and practices.
Knowledge of industry program policies, procedures, regulations, and laws.
Skill in conducting quality control reviews of audit work products.
Skill in collecting and analyzing complex data, evaluating information and systems, and drawing logical conclusions.
Strong work ethic and ability to multi-task, prioritize and follow-through on numerous projects.
Dealing with Ambiguity
Drive for Results
Integrity and Trust
High level of decision making in an ambiguous environment.
Analysis and interpretation of systems (hardware and software) used within the organization in order to implement system performance, security and efficiency standards.
Ability to listen and respond with empathy.
Ability to analyze and evaluate information.
Goal-oriented, innovative problem solver.
Creative thinking in developing business process solutions.
Ability to use good judgment and make sound decisions quickly.
Ability to work under pressure.
Ability to negotiate settlements and solve problems.
Ability to understand strategic objectives.
Ability to concentrate in a multi-task environment.
Ability to maintain a positive attitude and professional image.
Ability to train and evaluate results.
Tools and Equipment Used
All available general office equipment as needed.
All available computer software and hardware as needed.
The position requires a bachelor’s degree in finance, computer science, information systems, engineering, or a related field.
Five years experience of financial institution, technology firm, accounting or auditing practices is required with emphasis in the areas of Internal Audit, Financial Analytics, Compliance and Risk Management.
Obtain or at least working toward one of the following: CISA, CISM, CIA or CISSP or similar certification or equivalent.
United Federal Credit Union - 15 months ago
copy to clipboard
We are committed to helping the communities we serve.