STATE CLASSIFICATION JOB DESCRIPTION


Salary Group B21

Class No. 0247

 

INFORMATION TECHNOLOGY AUDITOR I

GENERAL DESCRIPTION

Performs entry-level information systems auditing. Work involves assisting in planning and conducting technical audits of information systems, platforms, and operating procedures. Assists in preparing audit findings regarding the efficiency, accuracy, and security of financial and non-financial programs. Works under close supervision, with minimal latitude for the use of initiative and independent judgment.

EXAMPLES OF WORK PERFORMED

Performs simple-to-routine audit work, including identifying and defining issues, developing criteria, reviewing and analyzing evidence, and documenting client processes and procedures.

Performs information technology security reviews and general information technology or application control reviews, as needed, to address audit objectives.

Examines information technology control elements to mitigate information technology risks regarding the confidentiality, integrity, and availability of business information.

Provides recommendations on the use, integration, maintenance, and enhancement of an entity’s information technology systems.

Participates in audits of technology platforms, information systems, and information technology operating procedures; and examines information technology internal controls and security.

Assists in conducting data extraction, analysis, and security reviews.

Assists in preparing system and data diagrams to identify manual and systems process interactions and critical controls.

Assists in testing e-government transactions; ensuring compliance with laws, regulations, and policies on privacy and public access to data; and testing controls over online services.

May provide technical support for financial and performance audits and perform information technology audits and computer-assisted audits.

May assist in preparing audit reports dealing with complex and sensitive issues in a timely manner for internal and external audiences.

Performs related work as assigned.

GENERAL QUALIFICATION GUIDELINES

Experience and Education

Experience in information systems, auditing, control, or security work. Graduation from an accredited four-year college or university with major coursework in information systems, accounting, business administration, finance, economics, public affairs/administration, or a related field is generally preferred. Experience and education may be substituted for one another.

Knowledge, Skills, and Abilities

Knowledge of generally accepted information technology audit and financial standards and practices, of information technology security and control practices, and of information technology management practices.

Skill in collecting and analyzing data; and in using analytical software tools, data analysis methods, and other computer applications.

Ability to communicate effectively.

Registration, Certification or Licensure

May require certification as a Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Public Accountant (CPA), or Certified Internal Auditor (CIA).

 


State Auditor’s Office

Revised 9-1-15