Assistant State Info Sys Audit Manager

Job Code: 32004658
Salary Grade: NC26
Revision Date: 02/2024

Class Concept

Positions at this level typically perform managerial and oversight functions over multiple audit teams or an entire organizational unit by planning and managing several audits and related engagements. These positions exercise a high degree of independent decision-making and are responsible for cross-training and assignment of staff across the office to effectively respond to audit/investigation needs. Positions are responsible for providing quality professional services to auditees. Services include providing oversight for numerous audits/investigations and related engagements/projects. Positions apply an understanding of numerous audits' systems and procedures, of the overall business operations of entities being audited/investigated, and of the auditees' technology. Positions are often called upon to offer solutions to meet organization-wide challenges. Positions review and approve complex documents and reports including identifying and monitoring performance issues for the program or area of responsibility.

Positions at this level work with an Assistant State Audit Director to establish long-term and short-term goals and objectives, formulate audit programs and policies, and oversee the direction of staffing, training, and development. Positions at this level review and evaluate audit reports and work papers for content and accuracy for assigned jobs and take appropriate steps to resolve audit/investigative problems brought to their attention by the staff or identified during the review process. This position is involved in considerable research and consultation with state and federal agencies and other authoritative sources (GASB, FASB, AICPA, OMB, GAO, ISACA, etc.). Positions keep abreast of current developments to aid in interpreting the various fiscal rules, regulations, and policies. Positions are responsible for identifying when exceptions to these principles and noncompliance with these laws are allowed.

Positions at this level perform the full breadth of managerial responsibilities for all types and complexities of audits and related engagements/projects in state government. This position works under the general supervision of an Assistant State Audit Director with substantial independence within the guidelines of state laws, regulations, and policies while monitoring budgets for all assigned audits/investigations within the area of responsibility. This position is expected to prepare new audit procedures, instructions, and guidelines to be used by the audit staff. Positions at this level plan, coordinate, supervise, and evaluate the work of Assistant State Audit Supervisors and are the primary source of contact for technical issues that Assistant State Audit Supervisors may encounter. These positions are also responsible for conducting interviews and selection of staff, engaging supervisors in skills development planning, delegation of assignments, coaching, training, counseling, performance evaluation, and taking appropriate corrective and disciplinary action, if necessary.

Recruitment Requirements

Knowledge, Skills, and Abilities

• Thorough knowledge of professional standards, techniques, practices, procedures of local, state, and federal regulations, and statutes governing area of work and thorough knowledge of current technological developments/trends
• Thorough knowledge of IT audit techniques, IT standards, best practices, analyses to serve as a resource to other divisions and IT general and thorough knowledge of application controls to evaluate and review a range of mainframe, PC, and distributed environments
• Thorough knowledge of audits over systems development, operation, programming, control, and security procedures and standards (on-premises and cloud, commercial-off-the-shelf (COTS) solutions, custom software development, etc. and thorough knowledge in the audit of operating systems, system backup, disaster recovery, business continuity planning, and maintenance procedures
• Thorough knowledge in security and regulatory frameworks such as HIPAA, ISO27002, IRS 1075, NIST 800 series and thorough knowledge of tenets of security: confidentiality, integrity, and availability (CIA)
• Thorough knowledge of network infrastructure, including routers, switches, firewalls/DMZ and associated network protocols, concepts and thorough knowledge of network/systems controls, patching and mitigation of vulnerabilities
• Thorough knowledge of data analytics, CAATs, robotics, data retrieval techniques to enhance the audit effectiveness for all types of audits and thorough understanding of programming languages & libraries (ACL, R, Python, SQL, etc.)
• Thorough knowledge of different visualizations, dashboards, and the creation of necessary visuals in associated software (High Bond, SAS Visual Analytics, Tableau, Power BI, Python, etc.) and thorough knowledge of different data analytics techniques (AI, Machine Learning, etc.), data literacy, ETL, architecture and systems with thorough knowledge of flowcharting end users' data analytic needs through requirements gathering
• Ability to effectively lead the development and implementation of vision and mission statements, monitor & adjust plans as needed, ability to direct management of program and staff resources effectively to meet operational goals and objectives and ability to provide employee training and growth opportunities
• Ability to manage complex situations, both audit/investigative and internal, and make and implement recommendations for modifications to program policy and procedures, ability to consider cost/benefits for the organization as well as the short- and long-term impact of decisions.
• Ability to present complex technical issues in a way that non-technical people may understand, ability to serve as technical resource and develop and maintain professional working relationships internally and externally, ability to effectively communicate with internal and external parties (orally or in writing) to convey complex fiscal/programmatic/operational information while interpreting rules and regulations.

Minimum Education and Experience

Bachelor's degree with twenty-four semester hours in accounting and twelve semester hours in information technology or computer & information security from an appropriately accredited institution and five years of experience in auditing/accounting or information technology/computer security, including three years serving in a role as an audit lead or supervisor; or

Bachelor's degree with twenty-four semester hours in information technology or computer & information security and twelve semester hours in accounting/business from an appropriately accredited institution and five years of experience in auditing/accounting or information technology/computer security, including three years serving in a role as an audit lead or supervisor; or an equivalent combination of education and experience.

Necessary Special Requirements

The Assistant State Information Systems Audit Manager classification requires a Certified Public Accountant license issued by the State of North Carolina or eight years of auditing under the Government Auditing Standards (Yellow Book).