Senior Auditor, IT & OperationsJob Summary:
This position reports to the Manager, Internal Audit.
The primary focus of the Senior Auditor is to be actively involved in carrying out IT and Operational audit projects (non-IT), advisory services and risk monitoring activities according to the overall Internal Audit Plan and professional auditing standards. Major Duties & Responsibilities:
Key Skills Required/Areas of Focus:
- Execute risk based audit and advisory engagements in accordance with the International Standards for the Professional Practice of Internal Auditing which includes
- Performing preliminary risk assessments to determine the audit focus (e.g. suggested objective, scope).
- Meeting with key engagement stakeholders and ensuring their needs are fully understood and addressed by the planned audit approach.
- Assist in developing and executing audit programs (e.g. documenting controls, preparing audit test plans, documenting test results/audit findings, summarizing recommendations, developing the sampling methodology etc.) and ensuring a direct linkage between the audit procedures performed and the risks to be addressed.
- Discussing all findings and recommendations with WSIB management to ensure they agree with the facts for each recommendation identified and work with management to obtain their responses on the items noted, including any mitigating factors.
- Work proactively with the Manager, Internal Audit to follow-up, track and report on assigned WSIB management responses from previous Internal Audit reports; stay abreast of management’s progress in addressing audit findings.
- Draft executive summaries for inclusion in Audit and Finance Committee packages.
- Proactively volunteer for new initiatives, projects, and process improvement activities.
- Promote the mandate and value-add activities of Internal Audit across the organisation.
- Actively contribute to the development and evolution of the audit methodology and best practices in the delivery of audit engagements.
- Excellent attention to detail in written deliverables and clear verbal communication skills.
- Ability to execute deliverables in a timely manner and manage time accordingly; ability to work on multiple projects at the same time.
- Demonstrates initiative, advisory/consultative, creative problem-solving abilities and analytical skills.
- Demonstrates specialised IT knowledge (risk, control and security) when executing audit field work, including the ability to design, test, analyze and report on IT-audit areas including Systems, System and Infrastructure Life Cycle Management, Information Security, IT Service Delivery, IT Operating and Network Systems/Security, IT Change Controls and Business Continuity and Disaster Recovery Planning etc.
How to apply: http://www.wsib.on.ca/WSIBPortal/faces/WSIBArticlePage?fGUID=835502100635000719
- University degree in Accounting, Business administration or IT related field.
- Highly desirable certifications include CPA, CIA, CISA, CFE, CRM or the PMP.
- 5 years minimum experience auditing IT projects, operations processes and/or health care claims in the insurance or health care industries is highly desirable.
- Experience with a consulting firm, public sector, insurance or healthcare industry is highly desirable.
- Strong knowledge of the IPPF and frameworks including COBIT and ITIL; usage of data analytics.
Senior IT Advisor, Audit & Quality Assurance
Job ID #: 4470
Salary: $113,285.00 - $131,143.90
Location: Toronto Police Headquarters
Department: Audit & Quality Assurance
Opening Date: May 23, 2017
Must apply before: June 6, 2017
The Toronto Police Service is the fourth largest municipal police service in North America. With over 5,000 officers and 2,000 civilian employees, we take pride in our diversity and in our dedication to keeping Toronto the best and safest place to be. Our well-earned reputation as a world leader in policing is a reflection of our commitment to excellence, innovation, quality leadership, and ongoing professional development. Summary of Function
Responsible for establishing and developing a Service-wide Information Technology (IT) Risk Assessment and Work Plan in consultation with Command, Senior Management Team and Unit Commanders, which would be kept up to date and revised in accordance with Institute of Internal Auditors (IIA) standards and the Information System Audit and Control Association (ISACA) standards; additionally, responsible for auditing IT and business/operational processes to determine whether Service information systems and technologies safeguard assets, maintain data integrity, achieve organizational goals effectively and use resources efficiently. Duties and Responsibilities
Duties and Responsibilities
- Identifies and evaluates significant exposures to risks within the Service and helps strengthen risk management and controls systems throughout the Service by establishing and developing a Service–wide IT Risk Assessment and Work Plan in accordance with IIA and ISACA standards. The Risk Assessment covers the following key aspects: IT Governance and General Controls, Systems Development Controls, Crime Implicators of eBusiness, Application Controls, Computer Assisted Audit Techniques, Common Access Controls, Operating System Access Controls, Control and Audit Implications of Outsourcing, Payment Card Industry Security Assurance and Computer Crime.
- Provides Information Systems (IS) audit services in accordance with audit standards, guidelines, methodologies (including risk management strategies, control strategies, structures and systems) and best practices of the IIA and the ISACA to assist the organization in ensuring that its information technology and business/operational systems are protected, controlled and operated effectively and efficiently by developing and implementing risk-based IS audit strategies; communicating emerging issues, potential risks, and audit results to key stakeholders; and advising on the implementation of IT control practices in the Service while maintaining independence.
- Manages trains and motivates members. Supervises the day to day operation of assigned members including the scheduling, assigning and reviewing of work. Authorizes overtime requests, monitors member performance and controls time budgets. Performs the annual performance appraisal on assigned members.
- Provides assurance that the Service has the structure, policies, accountability, mechanisms, and monitoring practices in place to achieve the requirements of appropriate and effective governance of IT through detailed evaluations in those areas.
- Responsible for communicating directly with the Executive Assurance Committee (EAC) and senior management on all IT work, as well as individual IT projects. This communication would be on an on-going basis. Required to formulate terms of reference for specific projects, report on findings and make recommendations.
- Provides assurance that the practices for the development/acquisition, testing, implementation, maintenance, and disposal of systems and infrastructure meet Service priorities, goals and strategies by evaluating control mechanisms for systems and/or infrastructure during specification, development/acquisition and testing by evaluating the specifications of prescribed requirements for new systems and determining whether such requirements would satisfy operational needs; by evaluating the process by which systems and/or infrastructure is maintained; and by performing post-implementation reviews of systems and/or infrastructure.
- Provides assurance that IT management practices will ensure the delivery of the level of service required to meet the Service’s priorities, goals and strategies by evaluating service level management practices; by evaluating data administration practices; and by evaluating the functionality of the IT infrastructure (e.g. network components, hardware, system software).
- Provides assurance that the security architecture (policies, standards, procedures, and controls) ensures the confidentiality, integrity, and availability of information assets by evaluating the design, implementation, and monitoring of logical access controls; by evaluating network infrastructure security; and by evaluating the design, implementation, and monitoring of physical access controls.
- Provides assurance that in the event of a disruption, business continuity and disaster recovery processes will ensure the timely resumption of IT services while minimizing business/operational impact by evaluating the adequacy of backup and restore provisions; by evaluating the Service’s disaster recovery plan; and by evaluating the organization’s business continuity plan.
- Evaluates and assesses IT deficiencies and weaknesses identified, analyzes underlying causes of control deficiencies and provides practical recommendations; produces audit reports that describe audit results and provides recommendations to address identified control deficiencies; maintains effective communication with auditees on control issues and provides consultation.
- Performs typical duties inherent to the position and other duties as required.
- Must not have been convicted of a criminal offence for which a pardon has not been obtained. If a pardon was obtained, proof of pardon must be provided. If a conditional or absolute discharge has been received, proof that the RCMP has sealed the records must be provided.
- Must have conformed, presently conform and continue to conform to the Core Values of the Service.
- Must have Degree/diploma in Computer Science, Information Technology or Business Administration and a recognized post-graduate IT professional designation or an approved equivalent combination of education, training and experience
- Must have a minimum of five (5) years’ experience in the Information Technology field of which at least two (2) years in a supervisory capacity, overseeing multiple concurrent projects
- Strong knowledge of IT government frameworks such as the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT)
- Excellent written and oral communications skills and the ability to effectively prioritize and execute tasks in a high-pressure environment and communicate findings and recommendations to Command
- Must have well developed interpersonal skills combined with the ability to effectively manage, train and motivate members
- Experience in conflict management and negotiation
Meri Dubeau, Senior Staffing Advisor, Employment Unit
E-mail: [email protected] *** Notes
THE TORONTO POLICE SERVICE SUPPORTS EQUAL OPPORTUNITY INITIATIVES.
- Once your application has been successfully submitted, you will receive an e-mail confirmation within 24 hours.
- Only those selected for further consideration will be contacted.
Accommodation will be provided in all stages of the hiring process.
Contact us for any accommodation requests, and we will work with you to meet your needs. YOUR CAREER…YOUR COMMUNITY…YOU CAN MAKE A DIFFERENCE! www.torontopolice.on.ca/careers
CLICK HERE TO APPLY: Toronto Police Service - Careers
Expires on: June 6, 2017
Senior IT Audit Specialist
Are you an expert in the field of I&IT auditing and risk management? Do you have exceptional interpersonal skills to build positive working relationships and mediate the resolution of issues? Then consider joining the Community Services Audit Service Team. Our I&IT audit professionals work on diverse audit and consulting assignments spanning a broad range of I&IT areas across the Ontario Public Service. Our work is client-focused and directly contributes to improved business outcomes and results for our clients.
What can I expect to do in this role?
- plan, lead, coordinate and conduct complex I&IT audits and consulting assignments
- assess internal controls and processes in the areas of IT governance, systems under development, IT project management, IT operations and information, infrastructure and network security
- provide technical expertise and support on major systems development projects including the development, use and evaluation of risk management and control strategies
- prepare reports and communicate audit findings
How do I qualify?
Technical Knowledge and Experience
- you have demonstrated experience conducting a broad range of complex I&IT audits and consulting assignments
- you have knowledge of and experience in generally accepted auditing standards, practices, methodologies (including risk management strategies, control strategies, structures and systems)
- you have experience in developing and utilizing innovative I&IT auditing techniques for risk and control assessments
- you have knowledge of and experience in systems development methodologies and practices
- you have an understanding of current and emerging technology and related issues, to utilize knowledge in the areas of systems under development, information security, e-commerce, data warehouses and analytics, telecommunications and networks, computer operations and existing applications
Relationship Management, Consultation and Communication Skills
- you can build and sustain positive relationships with clients and project teams, and can network effectively with management and colleagues
- you have demonstrated consultation skills to provide technical expertise and support major systems development projects
- you have excellent negotiation, mediation and persuasion skills to make recommendations and resolve contentious issues
- you can clearly, concisely and effectively communicate risk and control issues to clients
- you can conduct briefings and make presentations to all levels of management
- you can write and develop audit reports, briefing materials, technical reports and issues analysis correspondence
Project Management Skills
- you have experience leading and conducting assessments of complex business processes and operations
- you have experience in conducting and managing complex I&IT audit projects
- you can adapt to changing priorities and circumstances, handle concurrent projects, meet deadlines and manage projects within budget
Analytical and Problem-Solving Skills
- you have analytical skills and the ability to utilize data extraction software tools to evaluate internal controls, and identify control weaknesses, risks and impacts
- you can apply problem-solving skills to develop solutions for clients and identify process improvement opportunities
$68,536 - $100,994 per year
• 1 Permanent, 777 Bay St, Toronto, Toronto Region
Please apply online, only, at www.ontario.ca/careers
, quoting Job ID 104861, by Wednesday, March 8, 2017. Please follow the instructions to submit your application. Faxes are not being accepted at this time. If you require accommodation in order to participate in the recruitment process, please contact us at www.gojobs.gov.on.ca/ContactUs.aspx to provide your contact information. Recruitment Services staff will contact you within 48 hours. Only those applicants selected for an interview will be contacted. The Ontario Public Service is an inclusive employer. Accommodation will be provided in accordance with Ontario’s Human Rights Code. www.ontario.ca/careers www.ontario.ca/careers