Information Technology Internal Auditor

Location
Virginia, United States
Salary
Competitive Salary
Posted
Aug 20, 2020
Employment Level
Administrative
Employment Type
Full Time

Working Title

Information Technology Internal Auditor

Position Number

FA373

FLSA

Exempt

Appointment Type

Full Time

Sensitive Position

No

Sensitive Position Statement

A sensitive position requires a fingerprint-based criminal history check. This is NOT a sensitive position.

Campus Security Authority

No

Campus Security Authority Statement

This position is NOT designated as a Campus Security Authority. A Campus Security Authority (or CSA) is defined as an “official of the institution with significant responsibility for student and campus activities.” A CSA is required to immediately report any crime that is reported to them to the University Police who will then review, evaluate, and investigate the reported crime. Annual training is required by the Department of Education for all personnel who have been designated as a Campus Security Authority.

Designated Personnel

No

Designated Personnel Statement

This position is NOT a “designated position” meaning this position could potentially be required to work (depending on the event) during an emergency closing.

Statement of Economic Interest

Yes

Statement of Economic Interest Statement

Internal auditors are required to file.
This position may require a Statement of Personal Economic Interest.

Restricted Position

No

Restricted Position Statement

A restricted position would be subject to availability of funding.

Chief Objective of Position

Reporting to the Director of Internal Audit, plans, and performs review and testing on all layers of computer systems (application, database, operating system, data, infrastructure, etc.) for data integrity and security as well as special audits to safeguard assets and ensure effectiveness of information technology and managerial controls and the accuracy of recorded data. This position is responsible for the performance of audits to evaluate the security, integrity, contingency planning, policy and regulatory compliance, and risk management of the administrative and academic Information Systems of the University. The auditor is to identify critical audit issues and develop and carry out an effective audit program within the time budget which results in meaningful management recommendations.

Work Tasks

1. Using discretion and independent judgment performs annual information technology risk assessment; proposes and prioritizes audits based on risk; and, develops annual audit plan for review by the Director of Internal Audit.

2. In consultation with the Director, plans, performs and documents information technology audits which evaluate control environment, business practice, security and data integrity. Plans and conducts IT audits in accordance with the annual audit plan with minimal supervision, by applying standards established by the Institute of Internal Auditors (IIA) and as prescribed by the University and Commonwealth’s IT Standards. In consultation with the Director, writes the audit program that identifies the objectives to be accomplished and the specific procedures to be carried out to accomplish the objectives based on control analyses and the documented understanding of the system.

3. Identify potential audit findings and prepare written summaries documenting these findings and recommending appropriate corrective action.

4. Prepare organized and concise audit work papers and initial drafts of audit reports that conform to professional and departmental standards. Contributes to the development of the audit report using clear, concise language and participates in the exit conference with management.

5. Proactively communicates audit issues and progress with the Director and proposes solutions to issues communicated.

6. Consults with functional departments regarding appropriate controls for their information systems.

7. In consultation with the Director of Internal Audit, provides guidance as the audit liaison in IT development projects to include systems planning, design, and implementation ensuring effective use of control techniques and efficient use of resources.

8. Identifies, analyzes, assesses and develops solutions for internal control, security, and data integrity issues in various University computing platforms.

9. Determines compliance with policies and procedures, including Virginia Information Technologies Agency (VITA).

10. May represent department on University committees related to information technology.

11. Performs special project work and other duties as assigned. Assist with the design and performance of financial, compliance and operational audits.

12. Works professionally with the University community and maintains a technical base of knowledge, stays current with industry technical and organizational trends, products, services and best practices. Demonstrate a willingness to develop new skills and learn new methodologies.

13. Develops and maintains very positive and professional customer service and relations within the HR office and with all HR constituencies to include students, faculty, staff, administrators, other employees, other agency personnel and community members. Demonstrates a positive and professional attitude and treats everyone with dignity and respect. Fully supports the “Student’s First” value at CNU and routinely goes the extra mile in providing service. Completes all work in a timely, efficient and accurate manner.

14. Safety issues are reviewed and communicated to assure a safe and healthy workplace and a reduction in work related absence.

15. This position is designated as a “responsible employee” who has the authority to redress sexual violence, who has the duty to report incidents of sexual violence or other student misconduct, or who a student could reasonably believe has this authority or duty.

16. Other duties as assigned.

Knowledge, Skills, Abilities (KSA's) required

Advanced knowledge of information technology hardware, operating systems, network concepts, software and system development processes; the ability to evaluate evidence and write accurate, concise work paper documentation and audit reports; demonstrated ability to identify information technology risk and exposure areas, retrieve and analyze data, test network and application security; basic understanding of information system application and general controls, knowledge of IT security and project management; demonstrated use of effective problem solving skills; ability to comprehend and interpret policies, procedures, laws, regulations and guidelines; ability to communicate, both written and verbal, clearly and effectively including non-IT personnel; ability to maintain confidentiality; strong computer skills; demonstrated ability to work independently and manage time effectively utilizing work and project plans to meet deadlines; excellent customer service skills; good organizational skills and attention to detail; Possess a high energy level and strong work ethic with a commitment to continuous improvement in a dynamic environment that strives to exceed expectations.

Knowledge, Skills, Abilities (KSA's) preferred

Demonstrates knowledge and understanding of how technology supports the achievement of University objectives with special emphasis on automated and preventive controls to ensure the Enterprise system and other sensitive information processing systems meet operational compliance to policy and procedures, and mitigate risks; knowledge of generally accepted accounting principles and practices; knowledge of audit standards, procedures and techniques required to perform audits; knowledge of good business processes.

Required Education

Master’s Degree in Accounting, Information Technology, Computer Science, MIS, or other relevant field; or, a Bachelor’s Degree in a related field plus experience that equates to an advanced degree.

Preferred Education

Certification as a CPA, CIA, CISA, CISSP or CISM or evidence of progression towards achieving such certification.

Experience Required

Experience in data retrieval and analysis. Experience in word processing and spreadsheets.

Experience Preferred

Professional experience as an auditor. Experience with Banner. Previous experience working in higher education. Previous experience auditing ITS departments. Experience in Microsoft Office to include Word and Excel. Public accounting experience. Experience using ACL, IDEA, or similar computer assisted audit techniques. Working knowledge of National Institute of Standards and Technology (NIST) 800-53 and COV SEC-501 standards. Experience using automated workpapers.

CNU Information

Selected by The Princeton Review to be included in The 385 Best Colleges: 2020 Edition, Christopher Newport University is a public school offering a private school experience — great teaching, small classes, and a safe, vibrant campus. A “student-first, teaching-first” community, CNU is dedicated to the ideals of scholarship, leadership and service. The University is located in Newport News, Virginia and enrolls 5,100 students. Academic programs at CNU encompass more than 90 areas of study, from biology to business administration and political science to the performing arts. The University has recently completed over $1 billion in capital construction on its 260-acre campus, generated over 7,200 applications for a freshmen class of 1,238 and has been ranked by U.S. News & World Report’s America’s Best Colleges guide as third among public regional universities in the South and sixth among all regional universities in the South. In addition, CNU is ranked third among all public schools for having "the highest proportion of classes with fewer than 20 students.” Christopher Newport University is committed to ensuring that all people are welcomed, honored and fully engaged in the life of our academic community. We seek exceptional and diverse candidates and encourage applications from individuals who are underrepresented in their profession. For further details and information about Christopher Newport, visit www.cnu.edu.

 

Posting Detail Information

Posting Number

AP112P

Number of Vacancies

1

Posting Date

08/20/2020

Application Deadline

09/17/2020

Application Instructions

Interested parties are requested to submit a cover letter; current resume; and the names, addresses, and telephone numbers of at least three professional references at the time of application. Review of applications will begin September 17, 2020. Applications received after September 17, 2020, will be accepted but considered only if needed. Search finalists are required to complete a CNU sponsored background check.

Quick Link for Internal Postings

http://jobs.cnu.edu/postings/9879

EEO Statement

Christopher Newport University, an EO Employer, is fully Committed to Access and Opportunity.

Notice of Non-Discrimination & Title IX Policy Statement:
https://cnu.edu/titleixeo/pdf/cnu-notice_of_nondiscrimination_and_titleix_policystatement.pdf