Head IT Audit

Key Responsibilities:

Assess System Security:

• They evaluate the security protocols and measures in place to ensure the safety of an organizations data and technology infrastructure.
• Check for vulnerabilities in systems and identify potential cybersecurity risks.

Evaluate IT Controls:

• Auditors check how well the IT systems are governed, managed, and controlled.
• This can include reviewing access controls, system configurations, and user privileges.
• They ensure policies and procedures are followed to minimize operational and financial risks.

Compliance and Risk Management:

• They ensure the organization complies with relevant laws and industry standards, such as GDPR, HIPAA, or SOX (Sarbanes-Oxley Act).
• Identify risks related to IT infrastructure, processes, and data handling, recommending improvements to mitigate these risks.

Data Integrity and Accuracy:

• Review how data is processed, stored, and managed to ensure its accuracy and consistency.
• Verify that data is protected from unauthorized changes and that backups are in place.
• Evaluate IT Governance:
• Assess whether the IT departments strategies align with the organization s
• business objectives and whether IT governance policies are effective.
• Look into how IT projects are managed, including their planning, budgeting, and execution.
• Testing and Auditing Systems:
• Perform hands-on testing of systems, applications, and networks to verify functionality, security, and compliance.
• This can involve penetration testing, vulnerability scanning, and reviewing system logs.

Reporting and Recommendations:

• Prepare detailed audit reports that outline findings, issues, and areas of concern.
• Provide recommendations for improving the IT infrastructure, security, and compliance with policies.

Collaboration with IT and Management:

• Work closely with the IT department to understand the systems and provide solutions to address identified weaknesses.
• Collaborate with other departments to ensure that IT and IS-related risks are adequately managed.

Continuous Improvement:

• Recommend updates to processes and controls to ensure systems remain secure and compliant.
• Stay updated with the latest trends and risks in IT and cybersecurity.

Tools and Techniques They Use:

• IT audit software like ACL, TeamMate, or IDEA.
• Network analysis tools like Wireshark or Nessus.
• Data analytics and reporting tools.In essence, an IT & IS auditor helps an organization safeguard its technology,infrastructure, ensuring systems are secure, efficient, and compliant with necessaryregulations.

Prior Experience & Qualifications:

• 15 years of experience in audit and specifically IT applications/ systems, infrastructure, IT security frameworks.
• Experience of working in banks and financial insitutations would be a definite plus.
• Knowledge of theIT audit software like ACL, TeamMate, or IDEA and networkanalysis tools like Wireshark or Nessus will be a must.