The IT Audit Manager manages a team of IT auditors within Internal Audit. The scope of IT audit extends across the entire enterprise, including its commercial relationships with suppliers, partners and customers and other stakeholders. As the most senior and experienced IT auditor, the manager may get involved with some audit assignments including fieldwork, but most of the work consists of:

  • Managing the team;
  • Scoping;
  • Planning and prioritizing assignments;
  • Reviewing audit files;
  • Reviewing draft audit reports:
  • Presenting and discussing reports with management (especially senior managers);
  • Liaising and coordinating with other audit specialists and managers as well as clients;
  • Addressing various matters that are escalated (including special assignments associated with fraud or other significant concerns).

Distinguishing characteristics of the ideal candidate

  • Independent-minded, objective, rational, fastidious, diligent and professional: these are characteristic of all IT auditors. The manager is expected to be an accomplished IT auditor, with the knowledge, presence and confidence that stems from substantial personal experience in the field;
  • A natural leader: establishing and maintaining an effective IT audit function involves guiding, directing, mentoring, motivating, supporting and getting the most out of team members;
  • Very strong written and verbal communication skills: the manager spends a lot of time interacting with and influencing senior managers and must be capable of working effectively at that level, as well as within the IT audit team and Internal Audit as a whole;
  • The highest standards of personal integrity, trustworthiness and discretion: auditing involves privileged access to sensitive and valuable information.

Qualifications, skills and experience

The following are relevant and desirable for this role:

  • IT auditing: CISA and at least 3 years experience as an IT auditor;
  • Information security, risk, IT, governance and/or business analysis background: CISSP, CISM, CGEIT, CFE and/or an IT-related degree; at least 8 years work experience post school/college including at least 2 years as a team leader or manager.