Assistant State Info Sys Auditor I

Job Code: 32004654
Salary Grade: NC13
Revision Date: 03/2022

Class Concept

Positions at this level are entry-level professional auditors who are primarily responsible for assisting in various audits or reviews as a team member under close supervision and direction. Positions will conduct background research to support the development of the audit scopes, objectives, plans and programs, and identify internal controls for compliance with state and federal legal requirements with significant supervision and direction. Positions at this level work under close supervision and direction to evaluate and review computerized information systems including information technology (IT) governance, IT policies and procedures, pre- and post-implementations, general controls, system development standards, operating procedures, networks, operating systems, database management, system security, programming controls, communication controls, backup and disaster recovery and system maintenance to ensure the efficiency and effectiveness of systems and to minimize risk. Positions at this level assist a supervisor or an Auditor-In-Charge in the examination and analysis of risks, internal controls, source records and reports, programmatic data, financial information and/or information technology systems for accuracy, completeness, and conformance to guidelines, regulations, and best practices. Work may include assisting other divisions with data retrieval and analysis and may include activities related to communication and instruction.

Engagements are conducted in accordance with generally accepted government auditing standards as prescribed by the United States Government Accountability Office, and other applicable laws, regulations, and professional standards, as applicable. Positions at this level will generally be assigned the most routine segments of audits and will be able to complete under significant direct supervision, coaching, and training of a supervisor or Auditor-In-Charge. The expectation of an employee is that the employee will ask as many questions as needed to keep the work progressing and meet the objectives. Additionally, the expectation of this position is that the employee begins to demonstrate the ability to progress, develop and transfer knowledge and understanding gained from one audit to the next.

Recruitment Requirements

Knowledge, Skills, and Abilities

• Ability to learn and understand laws, regulations, and procedures, generally accepted accounting principles, technical and professional standards, including Generally Accepted Government Auditing Standards and General Accepted Auditing Standards.
• Ability to learn and understand IT general and application controls to evaluate and review a range of mainframe, PC, and distributed environments, ability to learn and understand audits over systems development, operation, programming, control, and security procedures and standards (on-premise and cloud, commercial-off-theshelf (COTS) solutions and custom software development, etc.).
• Ability to learn and understand how to audit operating systems, system backup, disaster recovery, business continuity planning, and maintenance procedures.
• Ability to learn and understand security and regulatory frameworks, such as HIPAA, ISO27002, IRS 1075, and NIST 800 series, ability to learn and understand the tenets of security: confidentiality, integrity, and availability (CIA), ability to learn and understand network infrastructure, including routers, switches, firewalls/DMZ and associated network protocols and concepts, ability to learn and understand network/systems controls, patching and mitigation of vulnerabilities, ability to learn and understand data analytics, CAATs, robotics, and data retrieval techniques to enhance the audit effectiveness for all types of audits.
• Ability to learn and understand programming languages & libraries (ACL, R, Python, SQL, etc.), ability to learn and understand different visualizations, dashboards, and the creation of necessary visuals in associated software (HighBond, SAS Visual Analytics, Tableau, PowerBI, Python, etc.), Ability to learn and understand data analytics techniques (AI, Machine Learning, etc.).  Ability to learn and understand data literacy, ETL, architecture and systems.
• Ability to learn and understand how to flowchart end users' data analytic needs through requirements gathering, ability to follow work plan, execute sampling plans and/or perform test procedures, audit or investigate various financial systems, and/or program information.
• Ability to confirm accuracy, integrity, and conformance to rules, regulations, standards and to recognize exceptions to identified controls, compliance, and other expectations.
• Ability to communicate in writing and verbally in a clear, concise, and organized manner and ability to gain the confidence, work effectively, and promote strong working relationships within the audit/investigative team.
• Ability to treat team members with respect in a cooperative manner, and not introduce negativity into the work environment.
• Ability to follow audit/investigative/review procedures as planned and review work for completeness and accuracy.

Minimum Education and Experience

Bachelor's degree with 24 semester hours in accounting and 12 semester hours in information technology or computer & information security from an appropriately accredited institution; or Bachelor's degree with 24 semester hours in information technology or computer & information security and 12 semester hours in accounting/business from an appropriately accredited institution; or an equivalent combination of education and experience.