Review Vacancy
AgencyState Comptroller, Office of the
TitleAssociate Internal Auditor (Data Processing Operations) - Item#00139
Occupational CategoryFinancial, Accounting, Auditing
Bargaining UnitM/C - Management / Confidential (Unrepresented)
Salary RangeFrom $73362 to $91658 Annually
Appointment Type Contingent Permanent
Minimum Qualifications Interested candidates must be eligible to transfer under Section 52.6 of the Civil Service Law.
52.6 Transfer:
Candidates must have one year of permanent, competitive service in a qualifying title allocated to salary grade 21 or higher.
Duties Description IT Auditing
• Supervise activities related to the audit engagement.
• Prepare for, and participate in, audit-related meetings, including the Scoping, Opening and Closing conferences.
• Utilize automated work paper software to document IT audit plans, risk/control matrices, IT audit programs, sampling plans, potential observations, and draft IT audit reports.
• Document the detailed design of the area (function/unit) under audit via flowcharts and narratives.
• Discuss the design of the function under audit with relevant OSC management to ensure it accurately captures the detailed process under audit as well as the key risks (to achieving the unit’s objectives) and related key controls.
• Assess the adequacy of the design of controls, identifying control weaknesses and other areas for improvement and developing recommendations for control improvement.
• Conduct detailed testing to determine the level of compliance with the design of the key IT control policies and procedures.
• Ensure that the IT audit work performed, and supporting documentation, complies with professional auditing standards and adequately support any conclusions reached.
• Identify, with unit management’s input, insightful recommendations for improving the function under audit.
• Prepare the initial draft of the proposed IT audit report for Internal Audit management.
• Research audit-related products and/or services.
Advisory Services
• Provide internal control and IT security advice to OSC IT projects whenever requested, and/or serve on related sub-committees.
• Review and comment on OSC’s draft IT security policies and procedures.
• Research related products and/or services.
IT Risk Assessment
• Coordinate the completion of the IT portion of OIA’s annual risk assessment and provide input to the preparation of OIA’s IT Audit Plan
Research
• Remain current on IT industry trends and practices concerning IT infrastructure, new equipment and software, and any related vulnerabilities and issues that may impact OSC’s IT internal control systems.
• Remain current on new applications and software, and any related vulnerabilities (e.g., viruses) and issues that may impact OSC’s IT internal control systems.
• Remain current on any changes to professional audit and IT standards.
• This research involves reviewing periodicals, professional auditing Internet sites, and security-related Internet sites. It also involves reviewing documents posted to key OSC IT team rooms.
Assisting Non-IT Auditors
• Provide technical assistance to non-IT audit staff (e.g., Continuous Auditing programs, Data Warehouse extracts, etc.)
• Assist with the IT audit steps performed as part of non-IT audits within OIA.
Additional Comments Desired Competencies
(1) Information technology background; i.e., system operations, application programming, systems programming, network management, mainframe, server administration, and/or systems analysis.
(2) Auditing experience.
(3) Strong analytical skills.
(4) Strong written communication and documentation skills; i.e., ability to prepare work papers, document meetings, document audit findings, and prepare draft reports.
(5) Strong verbal communication and interviewing skills.
(6) Working knowledge of internal controls.
(7) Ability to research IT products, IT industry changes, and industry-known vulnerabilities.
(8) Security conscious.
(9) Ability to be objective.
(10) Ability to respect confidentiality.
Some positions may require additional credentials or a background check to verify your identity.
Email Address recruit@osc.state.ny.us
Address
Street Office of Human Resources
110 State Street, 12th Floor
Notes on ApplyingInterested candidates should submit a cover letter and resume to recruit@osc.state.ny.us no later than April 22, 2019. Please reference Item #139 GOER-JFP when responding.
When responding, please include the reference number and letters listed in this section. (The Vacancy ID # should not be included).