This position is responsible for evaluating the credit union’s information technology environment to identify risks and internal controls. The environment is evaluated for conformity with industry regulations and best practices for security, accuracy and efficiency. The role is also responsible for developing programs to test internal controls and delivering independent, objective assurance that the environment provides security for member and credit union information, accurate processing, reliable financial reporting and is in compliance with regulatory requirements.
Perform information technology internal audits:
• Utilize risk assessments to help identify information technology risks, develop the audit universe and determine the scope and timing of IT audits.
• Develop IT audit programs that test internal controls to evaluate conformity with industry regulations and best practices and assess their effectiveness in mitigating information technology risk, securing information assets and ensuring financial reporting reliability.
• Ensure compliance with policies, processes, procedures and regulations
• Prepare IT audit work papers that are easy to follow, have sufficient detail to indicate the extent of the audit tests performed and support audit recommendations.
• Write clear, concise and professional audit reports which clearly explain risks identified and recommend corrective action that balances efficiencies and risk.
• Perform follow-up to ensure implementation of recommendations
• Complete IT audits within time requirements in accordance with the annual plan.
Provide consulting services designed to add value and improve the credit union’s operations:
• Assist IT management in investigating areas of concern to ensure appropriate technologies and solutions are in place to meet information technology needs.
• Assist IT managers in identifying risk, evaluating internal controls, resolving problems and provide guidance in establishing best practices.
• Review technical documentation, policies, processes and procedures and advise management on the appropriateness of documented internal controls and any gaps identified.
• Assist examiners or external auditing firm with documentation and data for their annual review and confirmation process.
Participate on corporate information technology projects to ensure that internal controls are properly established for new initiatives or adequately maintained for changes:
• Review technical requirements for new products, services and applications to ensure the appropriate level of control will be established during implementation.
• Review user acceptance test plans for completeness.
• Review proposed change recommendations to ensure existing controls will not be diminished or eliminated as a result of proposed changes or upgrades.
Perform a specialized role within the audit department:
• Provides assistance to audit staff in developing audit programs, analysis techniques and data extract tools.
• Assist audit staff in the development of continuous audit techniques
• Work with network management and the third party vendor to maintain and update, as necessary, the department Audit Management System.
• Bachelor’s degree in computer science, information systems or a similar field
• CISA (Certified Information Systems Auditor) or CISSP
• Minimum of five years of IT auditing or similar experience
• Experience with a broad knowledge of financial services industry systems and operations
• Understanding of system hardware and software architectures across a variety of platforms including PC, client/server and mainframe business models
• Experience in internal controls evaluation
• Effective PC proficiency in Word, Excel and Access; Audit software a plus
• Excellent interpersonal skills, including communication, presentation and leadership
• Ability to handle multiple priorities effectively
• Self starter who requires minimal guidance to achieve expected results