Assistant State Info Sys Auditor III

Job Code: 32004656
Salary Grade: NC22
Revision Date: 03/2022

Class Concept

Positions at this level are professional auditors who are assigned responsibilities for performing advanced level work which may include the most complex, specialized auditing of financial, programmatic functions, and/or computerized information systems. Positions at this level independently evaluate and review computerized information systems including information technology (IT) governance, IT policies and procedures, pre- and post-implementations, general controls, system development standards, operating procedures, networks, operating systems, database management, system security, programming controls, communication controls, backup and disaster recovery and system maintenance to ensure the efficiency and effectiveness of systems and to minimize risk. Positions at this level also independently examine and analyze risks, internal controls, complex source records and reports, programmatic data, and financial information for accuracy, completeness, and conformance to guidelines, regulations, and best practices.

Engagements are conducted in accordance with generally accepted government auditing standards as prescribed by the United States Government Accountability Office, and other applicable laws, regulations, and professional standards, as applicable. Positions at this level conduct presentations of audit findings and reports, assists in the review of other staff members' work, and provides technical supervision of the audit process and the development of staff.

Positions at this level serve as an assistant to the Assistant State Audit Supervisor in the largest and most complex audits and related engagements/projects in state government, and as Auditors-InCharge of medium sized and smaller engagements. Work involves direction and coordination of subordinate auditors assigned to one or more audit and related engagements/projects. Positions at this level function in an independent manner guided by laws and regulations. Supervisory assistance is required only for unusual or nonrecurring problems or sensitive matters. Work is reviewed by an Assistant State Audit Supervisor/Manager for thoroughness, accuracy, and appropriateness of recommendations made.

Recruitment Requirements

Knowledge, Skills, and Abilities

• Knowledge, skills, and abilities required at the prior position level, plus additionally; demonstrates advanced-level knowledge of programming languages & libraries (ACL, R, Python, SQL, etc.), different visualizations, dashboards, and the creation of necessary visuals in associated software (HighBond, SAS Visual Analytics, Tableau, PowerBI, Python, etc.), different data analytics techniques (AI, Machine Learning, etc.), and data literacy, ETL, architecture and systems.
• Ability to interpret and apply knowledge of complex laws, regulations, and procedures, generally accepted accounting principles, and technical and professional standards, and to serve as a technical resource for unprecedented issues. IT general and application controls to evaluate and review a range of mainframe, PC, and distributed environments. audits over systems development, operation, programming, control, and security procedures and standards (on-premise and cloud, commercial-off-the-shelf (COTS) solutions and custom software development, etc.), audit operating systems, system backup, disaster recovery, business continuity planning, and maintenance procedures, security and regulatory frameworks, such as HIPAA, ISO27002, IRS 1075, and NIST 800 series, tenets of security: confidentiality, integrity, and availability (CIA), network infrastructure, including routers, switches, firewalls/DMZ and associated network protocols and concepts, network/systems controls, patching and mitigation of vulnerabilities, data analytics, CAATs, robotics, and data retrieval techniques to enhance the audit effectiveness for all types of audits.
• Ability to flowchart end users' data analytic needs through requirements gathering, ability to lead data understanding meetings with external parties to ensure that data is valid and ability to analyze and debug scripts.
• Ability to develop and follow work plan, apply sampling techniques, design test procedures and assist others in design, ability to audit various complex financial, systems, and/or program information and confirm accuracy, integrity, and conformance to rules, regulations, and standards and ability to identify substantive issues requiring research and analysis and recognize deficiencies in internal controls or other weaknesses and suggest solutions.
• Ability to recognize complex problems, identify reportable issues and underlying problems, propose solutions, and to serve as resource for others on unprecedented, non-standard issues and problems.
• Ability to communicate complex issues in writing and verbally in a clear, concise, and organized manner, make recommendations on policy impact and/or operations, review and edit others' communications, and conduct effective interviews of auditee personnel and ability to present complex technical issues in a way that non-technical people may understand.
• Ability to solicit ideas and suggestions from team members, treats team members with respect in a cooperative manner, and does not introduce negativity into the work environment.
• Ability to follow audit, review, or investigation procedures as planned and offer suggestions for improvements to plan and/or work papers, to review work for completeness and accuracy, and to ensure work papers are clear and understandable and support audit, review, or investigation objectives.
• Demonstrates example for other team members in manner by which tasks are completed, demonstrate openness to feedback and suggestions for improvement and assists in technical supervision and development of lower-level auditors/investigators.
• Provides instruction of office policies and procedures to new or less experienced team members and assists in planning and coordination of assigned tasks.

Minimum Education and Experience

Bachelor's degree with 24 semester hours in accounting and 12 semester hours in information technology or computer & information security from an appropriately accredited institution and 3 years of experience in auditing/accounting or information technology/computer security; or Bachelor's degree with 24 semester hours in information technology or computer & information security and 12 semester hours in accounting/business from an appropriately accredited institution and 3 years of experience in auditing/accounting or information technology/computer security; or an equivalent combination of education and experience.