Profession IT auditor

IT auditors perform audits of information systems, platforms, and operating procedures in accordance with established corporate standards for efficiency, accuracy and security. They evaluate ICT infrastructure in terms of risk to the organisation and establish controls to mitigate loss. They determine and recommend improvements in the current risk management controls and in the implementation of system changes or upgrades.

Would you like to know what kind of career and professions suit you best? Take our free Holland code career test and find out.

IT auditor Jobs: Open positions

Find the job of your dreams on Talent.com, one of the largest job sites worldwide.

Job postings: talent.com

Personality Type

Knowledge

  • ICT quality policy

    The quality policy of the organisation and its objectives, the acceptable level of quality and the techniques to measure it, its legal aspects and the duties of specific departments to ensure quality.

  • Engineering processes

    The systematic approach to the development and maintenance of engineering systems.

  • ICT security standards

    The standards regarding ICT security such as ISO and the techniques required to ensure compliance of the organisation with them.

  • Quality standards

    The national and international requirements, specifications and guidelines to ensure that products, services and processes are of good quality and fit for purpose.

  • Audit techniques

    The techniques and methods that support a systematic and independent examination of data, policies, operations and performances using computer-assisted audit tools and techniques (CAATs) such as spreadsheets, databases, statistical analysis and business intelligence software.

  • Legal requirements of ICT products

    The international regulations related to the development and use of ICT products.

  • Systems development life-cycle

    The sequence of steps, such as planning, creating, testing and deploying and the models for the development and life-cycle management of a system.

  • Organisational resilience

    The strategies, methods and techniques that increase the organisation's capacity to protect and sustain the services and operations that fulfil the organisational mission and create lasting values by effectively addressing the combined issues of security, preparedness, risk and disaster recovery.

  • ICT security legislation

    The set of legislative rules that safeguards information technology, ICT networks and computer systems and legal consequences which result from their misuse. Regulated measures include firewalls, intrusion detection, anti-virus software and encryption.

  • Product life-cycle

    The management of the life-cycle of a product from the development stages to the market entry and market removal.

  • ICT process quality models

    The quality models for ICT services which address the maturity of the processes, the adoption of recommended practices and their definition and institutionalisation that allow the organisation to reliably and sustainably produce required outcomes. It includes models in a lot of ICT areas.

Skills

  • Perform quality audits

    Execute regular, systematic and documented examinations of a quality system for verifying conformity with a standard based on objective evidence such as the implementation of processes, effectiveness in achieving quality goals and reduction and elimination of quality problems.

  • Develop audit plan

    Define all organisational tasks (time, place and order) and develop a checklist concerning the topics to be audited.

  • Analyse ICT system

    Study the activity and performance of information systems in order to model their usage and weaknesses, specify purpose, architecture and services and discover operations and procedures for accomplishing them most efficiently.

  • Prepare financial auditing reports

    Compile information on audit findings of financial statements and financial management in order to prepare reports, point out improvement possibilities, and confirm governability.

  • Execute ICT audits

    Organise and execute audits in order to evaluate ICT systems, compliance of components of systems, information processing systems and information security. Identify and collect potential critical issues and recommend solutions based on required standards and solutions.

  • Perform security vulnerability assessments

    Execute types of security testing, such as network penetration testing, wireless testing, code reviews, wireless and/or firewall assessments in accordance with industry-accepted methods and protocols to identify and analyse potential vulnerabilities.

  • Improve business processes

    Optimise the series of operations of an organisation to achieve efficiency. Analyse and adapt existing business operations in order to set new objectives and meet new goals.

  • Ensure adherence to organisational ICT standards

    Guarantee that the state of events is in accordance with the ICT rules and procedures described by an organisation for their products, services and solutions.

Optional knowledge and skills

communicate analytical insights identify ict security risks information security strategy cyber security develop ict workflow manage it security compliances apply information security policies cloud technologies ict network security risks monitor technology trends define organisational standards develop documentation in accordance with legal requirements ict project management ict accessibility standards world wide web consortium standards inform on safety standards identify legal requirements

Source: Sisyphus ODB