Information Technology Internal Auditor
Newport News, VA
Job posting number: #7079761
Posted: June 11, 2021
Application Deadline: Open Until Filled
Job DescriptionCampus Security Authority Statement
This position is NOT designated as a Campus Security Authority. A Campus Security Authority (or CSA) is defined as an “official of the institution with significant responsibility for student and campus activities.” A CSA is required to immediately report any crime that is reported to them to the University Police who will then review, evaluate, and investigate the reported crime. Annual training is required by the Department of Education for all personnel who have been designated as a Campus Security Authority.
Designated Personnel No
Designated Personnel Statement
This position is NOT a “designated position” meaning this position could potentially be required to work (depending on the event) during an emergency closing.
Statement of Economic Interest Yes
Statement of Economic Interest Statement
This position DOES require a Statement of Personal Economic Interest.
Restricted Position No
Restricted Position Statement
A restricted position would be subject to availability of funding. This is NOT a restricted position.
Chief Objective of Position
Reporting to the Director of Internal Audit, plans, and performs review and testing on all layers of computer systems (application, database, operating system, data, infrastructure, etc.) for data integrity and security as well as special audits to safeguard assets and ensure effectiveness of information technology and managerial controls and the accuracy of recorded data. This position is responsible for the performance of audits to evaluate the security, integrity, contingency planning, policy and regulatory compliance, and risk management of the administrative and academic Information Systems of the University. The auditor is to identify critical audit issues and develop and carry out an effective audit program within the time budget which results in meaningful management recommendations.
1. Using discretion and independent judgment performs annual information technology risk assessment; proposes and prioritizes audits based on risk; and, develops annual audit plan for review by the Director of Internal Audit.
2. In consultation with the Director, plans, performs and documents information technology audits which evaluate control environment, business practice, security and data integrity. Plans and conducts IT audits in accordance with the annual audit plan with minimal supervision, by applying standards established by the Institute of Internal Auditors (IIA) and as prescribed by the University and Commonwealth’s IT Standards. In consultation with the Director, writes the audit program that identifies the objectives to be accomplished and the specific procedures to be carried out to accomplish the objectives based on control analyses and the documented understanding of the system.
3. Identify potential audit findings and prepare written summaries documenting these findings and recommending appropriate corrective action.
4. Prepare organized and concise audit work papers and initial drafts of audit reports that conform to professional and departmental standards. Contributes to the development of the audit report using clear, concise language and participates in the exit conference with management.
5. Proactively communicates audit issues and progress with the Director and proposes solutions to issues communicated.
6. Consults with functional departments regarding appropriate controls for their information systems.
7. In consultation with the Director of Internal Audit, provides guidance as the audit liaison in IT development projects to include systems planning, design, and implementation ensuring effective use of control techniques and efficient use of resources.
8. Identifies, analyzes, assesses and develops solutions for internal control, security, and data integrity issues in various University computing platforms.
9. Determines compliance with policies and procedures, including Virginia Information Technologies Agency (VITA).
10. May represent department on University committees related to information technology.
11. Performs special project work and other duties as assigned. Assist with the design and performance of financial, compliance and operational audits.
12. Works professionally with the University community and maintains a technical base of knowledge, stays current with industry technical and organizational trends, products, services and best practices. Demonstrate a willingness to develop new skills and learn new methodologies.
13. Develops and maintains very positive and professional customer service and relations within the HR office and with all HR constituencies to include students, faculty, staff, administrators, other employees, other agency personnel and community members. Demonstrates a positive and professional attitude and treats everyone with dignity and respect. Fully supports the “Student’s First” value at CNU and routinely goes the extra mile in providing service. Completes all work in a timely, efficient and accurate manner.
14. Safety issues are reviewed and communicated to assure a safe and healthy workplace and a reduction in work related absence.
15. This position is designated as a “responsible employee” who has the authority to redress sexual violence, who has the duty to report incidents of sexual violence or other student misconduct, or who a student could reasonably believe has this authority or duty.
16. Other duties as assigned.
Knowledge, Skills, Abilities (KSA's) required
Advanced knowledge of information technology hardware, operating systems, network concepts, software and system development processes; the ability to evaluate evidence and write accurate, concise work paper documentation and audit reports; demonstrated ability to identify information technology risk and exposure areas, retrieve and analyze data, test network and application security; basic understanding of information system application and general controls, knowledge of IT security and project management; demonstrated use of effective problem solving skills; ability to comprehend and interpret policies, procedures, laws, regulations and guidelines; ability to communicate, both written and verbal, clearly and effectively including non-IT personnel; ability to maintain confidentiality; strong computer skills; demonstrated ability to work independently and manage time effectively utilizing work and project plans to meet deadlines; excellent customer service skills; good organizational skills and attention to detail; Possess a high energy level and strong work ethic with a commitment to continuous improvement in a dynamic environment that strives to exceed expectations.
Knowledge, Skills, Abilities (KSA's) preferred
Demonstrates knowledge and understanding of how technology supports the achievement of University objectives with special emphasis on automated and preventive controls to ensure the Enterprise system and other sensitive information processing systems meet operational compliance to policy and procedures, and mitigate risks; knowledge of generally accepted accounting principles and practices; knowledge of audit standards, procedures and techniques required to perform audits; knowledge of good business processes.
Master’s Degree in Accounting, Information Technology, Computer Science, MIS, or other relevant field; or, a Bachelor’s Degree in a related field plus experience that equates to an advanced degree.
Certification as a CPA, CIA, CISA, CISSP or CISM or evidence of progression towards achieving such certification.
Experience in data retrieval and analysis. Experience in word processing and spreadsheets.
Professional experience as an auditor. Experience with Banner. Previous experience working in higher education. Previous experience auditing ITS departments. Experience in Microsoft Office to include Word and Excel. Public accounting experience. Experience using ACL, IDEA, or similar computer assisted audit techniques. Working knowledge of National Institute of Standards and Technology (NIST) 800-53 and COV SEC-501 standards. Experience using automated workpapers.
Selected by The Princeton Review for The 386 Best Colleges: 2021 Edition, and highly ranked for its quality of life and innovative leadership, Christopher Newport University is a public school offering a private school experience — great teaching, small classes, and a safe, vibrant campus. A “student-first, teaching-first” community, Christopher Newport is dedicated to the ideals of scholarship, leadership and service. The University is located between Williamsburg and the Virginia beaches in Newport News, and enrolls 5,100 students. Academic programs encompass more than 90 areas of study, from biology to business administration and political science to the performing arts. The University has a new and technologically advanced campus, has generated over 7,300 applications for a freshmen class of 1,155 and has been ranked by U.S. News & World Report’s America’s Best Colleges guide as fourth among public regional universities in the South and seventh among all regional universities in the South. In addition, Christopher Newport is ranked third among all public schools for having "the highest proportion of classes with fewer than 20 students.” Christopher Newport is committed to ensuring that all people are welcomed, honored and fully engaged in the life of our academic community. We seek exceptional and diverse candidates and encourage applications from individuals who are underrepresented in their profession. For further details and information about Christopher Newport, visit http://www.cnu.edu.