*INTERNAL APPLICANTS ONLY*
PURPOSE OF POSITION:
This position will take the lead in establishing GIA's IT function; raising the awareness of the importance of IT controls and audit across the Partnership; providing guidance, training GC and local auditors on IT controls, conducting risk based IT audits of Partnership offices, and providing recommendations, including trend analysis of IT risk across the Partnership for inclusion in the CAO report to Partnership leaders and the ARC.
The person in this position will play a vital role in the automation of GIA's audit processes over the next two years and will be tasked with providing independent/objective assurance and consulting services designed to add value and improve the operations of the Partnership offices, establish/execute a comprehensive global plan of coverage for all IT related risks, support and execute audits related to IT general controls, application audits, user access reviews, system development, and other areas as needed.
This position is also responsible for conducting and supervising GC and local audit teams performing risk based IT audits and providing reasonable assurance to business owners, partnership leaders and the ARC that IT controls in place, including compliance with policies, procedures, privacy act, regulations, etc., are operating efficiently and effectively.
This role will represent the CAO on major IT development and implementation projects, including serving in an advisory role on steering committees and participating in advisory board/council or local audit committee meetings and identifying and engaging with internal and external resources, as necessary, to assist with IT audits.
- Coordinate and provide Global Audit Administration with the necessary documents at least three months prior to the commencement of the audit to ensure that the audit announcement, staffing and travel arrangements can be done in a timely and cost effective manner. Understand the Partnership and audit customer IT operating environment, its key goals, risks, relevant policies, procedures and processes and complete the MWRAP template to use as the foundation for assessing and evaluating the IT risk universe, and preparing annual risk based IT audit plan for the Partnership entities.
- Assess information technology controls and processes, including technical reviews of systems and programs, implemented controls over new and modified computer systems and software applications, data security controls, and business continuity across multiple business units of the Partnership.
- Engage internal or external expertise, as needed, to perform tests of highly technical areas where GIA is lacking such expertise. Oversee and/or perform the preliminary survey and review, including completion of the MWRAP template for the IT audit assignment, and in conjunction with the Director of Global Centre Audit (GCA), develop audit planning memo and conduct pre-audit planning meeting with the CAO and other GIA Directors, as needed, before the commencement of fieldwork.
- Conduct entrance conference with the entities senior management team and individually with key stakeholders, such as the ND, FD, PD or COO, along the lines of the MWRAP template; perform IT audit and/or supervise and conduct onsite review of all work papers, discuss audit findings and recommendations with business owners and partner with them on finding value add solutions and action plans to address the recommendations before leaving the field
- Perform post-audit reviews to determine compliance with audit recommendations and perform special projects as required. Keep the Director of GCA and the CAO, only issues of fraud and potential significant reputational impact to the Partnership, abreast of all significant findings as they arise in the field and obtain input and approval before the issuance of the final draft report from the Director of GCA.
- Prepare draft audit reports in accordance with GIA's guidelines and share with management response at the exit conference with business owners, including the audit committee chair.
- Share the results of the audit and the draft report with the Director of GCA upon return to home base and issue the final draft of the report to business owners within 15 days after the exit conference and the final report within 45 days after the exit conference or the last day of fieldwork.
- Participate in local advisory board/council or audit committee meetings as needed to share findings, recommendations and emerging risks and trends. Provide leadership, including in the area of Christian commitment and spiritual development, and train and monitor the quality of IT audit work to ensure compliance with ISACA and IIA Standards, WVI's IT policies and regulations.
- Enhance auditor efficiency and quality by promoting leading practices for conducting integrated audits and documenting IT risks and automated business controls; leveraging technology through the implementation and use of automated analytics, and effectively deploys and supports the enhancement of proprietary audit tools and participates in the successful introduction of new audit tools and methodologies to execute audit engagements effectively and efficiently
- Maintain a working knowledge of general IT control processes primarily in the network and client-server environments and knowledge of current technology and IT auditing practices through continuing professional education (CPE) and maintain required professional certification
KNOWLEDGE, SKILLS & ABILITIES:
- Present results using strong presentation, excellent verbal and written communication skills.
- Ability to interact and present results and solutions to senior level management. A bachelor's degree in IT, accounting, finance or other relevant field
- Technical professional certification required (CISA, CISSP, or MS SQL Server). CPA (Certified Public Accountant) or CIA (Certified Internal Auditor) a plus.
- Minimum of 8-10 years in working in IT auditing and preferably managing staff.
- Ability to travel 30-40% of the time to international locations.
- Experience analyzing data and coding with specialized tools (MS SQL Server, ACL, SAS).
- Proficiency with Microsoft Office applications, including Word, Excel, Access and PowerPoint.
- Ability to adapt to different technologies and grasp technical issues quickly
- The ability to work independently with minimal direction and guidance.
- Demonstrate flexibility self-confidence and tactful assertiveness in working in multicultural settings.
- Ability to handle and prioritize assignments simultaneously in a timely and efficient manner.
- Ability to meet aggressive deadlines.
- Creativity in accomplishing tasks and ability to exercise initiative & independent judgment to solve problems of limited scope and complexity.
- Ability to communicate effectively to work in a team and cross-cultural environment.
- Able to follow directions and handle confidential audit information with discretion.