Assistant State Info Sys Audit Supervisor

Job Code: 32004657
Salary Grade: NC25
Revision Date: 03/2022

Class Concept

Positions at this level typically perform supervisory functions for one or more audit teams and oversee a full range of audit and related engagement/project services. Positions at this level plan, lead, and execute audits and related engagements/projects by exercising considerable independent judgment in analyzing and interpreting accounting and auditing standards, facts and figures, and for planning work schedules for themselves and their audit team. Positions at this level develop and write audit reports, review draft audit reports and working papers submitted by subordinate auditors, provide review notes when necessary, and verify working papers support conclusions and judgment of audit team members. This position conducts difficult or sensitive entrance/exit conferences or interviews with entities being audited/investigated and recommends changes which will improve financial records, systems, procedures, and controls, or which will bring auditee into legal compliance. This position ensures engagements are conducted in accordance with generally accepted government auditing standards as prescribed by the United States Government Accountability Office, generally accepted auditing standards as prescribed by the American Institute of Certified Public Accountants, and other applicable laws, regulations, and professional standards, as applicable. This position is responsible for identifying when exceptions to these principles and noncompliance with these laws are evidenced.

Positions at this level perform the full breadth of supervisory responsibilities for all types and complexities of audits and related engagements/projects in state government. Positions at this level receive general assignments from the Assistant State Audit Manager and work with considerable independence within the guidelines of state laws, regulations, and policies while monitoring budgets for all assigned audits and related engagements/projects within area of responsibility. Positions at this level are expected to assist with interviewing and selecting audit staff, engage their teams in skills development planning, delegation of assignments, coaching, training, counseling, performance evaluation, and taking appropriate corrective and disciplinary action, if necessary.

Recruitment Requirements

Knowledge, Skills, and Abilities

• Knowledge, skills, and abilities required at the prior position level, plus additionally; demonstrates full knowledge of professional standards, techniques, practices and procedures, local, state, and federal regulations, and statutes governing area of work, demonstrates full knowledge of current technological developments/trends. demonstrates full knowledge of IT audit techniques, IT standards, best practices, and analyses to serve as a resource to other divisions, demonstrates considerable knowledge of supervisory practices and skill in supervising others and basic knowledge of strategic planning.
• Demonstrates full knowledge of IT general and application controls to evaluate and review a range of mainframe, PC, and distributed production and applications computer systems and environments, demonstrates full knowledge of audits over systems development, operation, programming, control, and security procedures and standards (on-premise and cloud, commercial-off-theshelf (COTS) solutions and custom software development, etc.), demonstrates full knowledge to audit operating systems, system backup, disaster recovery, business continuity planning, and maintenance procedures.  Demonstrates full knowledge of and experience in security and regulatory frameworks, such as HIPAA, ISO27002, IRS 1075, and NIST 800 series.
• Demonstrates extensive knowledge of the tenets of security: confidentiality, integrity, and availability (CIA), demonstrates full knowledge of network infrastructure, including routers, switches, firewalls/DMZ and associated network protocols and concepts, demonstrates full knowledge of network/systems controls, patching and mitigation of vulnerabilities.
• Demonstrates full knowledge of data analytics, CAATs, robotics, and data retrieval techniques to enhance the audit effectiveness for all types of audits, demonstrates full knowledge of programming languages & libraries (ACL, R, Python, SQL, etc.), demonstrates full knowledge of different visualizations, dashboards, and creating necessary visuals in associated software (HighBond, SAS Visual Analytics, Tableau, PowerBI, Python, etc.).  Demonstrates full knowledge of different data analytics techniques (AI, Machine Learning, etc.).  Demonstrates full knowledge of data literacy, ETL, architecture and systems.
• Ability to flowchart end users' data analytic needs through requirements gathering, ability to analyze and debug scripts, ability to lead data understanding meetings with external parties to ensure that data is valid.
• Ability to lead development and implementation of vision and mission statements and officewide goals and objectives, and effectively monitor and adjust plans as needed, ability to manage resources effectively to meet operational goals and objectives and provide employee training and growth opportunities while providing technical supervision of staff, ability to encourage staff to accept and resolve challenges, lead and operate effectively in response to internal and external changes, and participate in development and implementation of goals and objectives and ability to treat team members with respect in a cooperative manner, and not introduce negativity into the work environment.
• Ability to analyze moderately complex situations, both audit/investigative and internal, make recommendations for modifications to program policy and procedures, and draw conclusions based on relevant information and demonstrates capacity to consider cost/benefits for organization as well as short- and longterm impact of decisions.
• Ability to effectively communicate with internal and external parties (orally or in writing) in order to convey moderately complex fiscal/programmatic/operational information while interpreting rules and regulations.
• Ability to serve as a technical resource and develop and maintain professional working relationships internally and externally.
• Ability to facilitate enhancement of employee development by providing guidance and feedback.

Minimum Education and Experience

Bachelor's degree with 24 semester hours in accounting and 12 semester hours in information technology or computer & information security from an appropriately accredited institution and 5 years of experience in auditing/accounting or information technology/computer security, one of which must have been functioning as an audit lead or supervisor; or Bachelor's degree with 24 semester hours in information technology or computer & information security and 12 semester hours in accounting/business from an appropriately accredited institution and 5 years of experience in auditing/accounting or information technology/computer security, one of which must have been functioning as an audit lead or supervisor; or an equivalent combination of education and experience.