Review Vacancy
AgencyState Comptroller, Office of the
TitleAssociate Internal Auditor DPA - Item#00140
Occupational CategoryFinancial, Accounting, Auditing
Bargaining UnitM/C - Management / Confidential (Unrepresented)
Salary RangeFrom $71211 to $88971 Annually
Appointment Type Contingent Permanent
Minimum Qualifications Interested candidates must be eligible to transfer under Section 52.6 of the Civil Service Law.
52.6 Transfer:
Candidates must have one year of permanent, competitive service in a qualifying title allocated to salary grade 21 or higher.
Duties Description IT Audit Services: Under the supervision of Internal Audit management, the Associate Internal Auditor (DPA) serves as a valuable member of the OIA IT audit team (OIA-IT) responsible for providing independent and objective appraisals of the IT environment and applications of the Office of the State Comptroller (OSC). The purpose of OIA-IT is to assist the Comptroller and his management team in fulfilling their responsibilities and accomplishing their goals and objectives, which include the Comptroller’s responsibilities as chief fiscal officer of New York State and sole trustee of the New York State Common Retirement Fund. As part of OIA-IT, the Associate Internal Auditor (DPA) plays a key role in examining and evaluating the adequacy and effectiveness of the Comptroller’s Office system of internal control (including related external service providers) and the quality of performance in carrying out assigned responsibilities, as well as providing IT control advisory services and serving as a resource for Agency investigations.
Responsibilities of the Associate Internal Auditor (DPA) include, but are not limited to, the following:
? Supervise activities related to the audit engagement.
? Prepare for, and participate in, audit-related meetings, including the Scoping, Opening and Closing conferences.
? Utilize automated workpaper software to document IT audit plans, risk/control matrices, IT audit programs, sampling plans, potential observations, and draft IT audit reports.
? Document the detailed design of the area (function/unit) under audit via flowcharts and narratives.
? Discuss the design of the function under audit with relevant OSC management to ensure it accurately captures the detailed process under audit as well as the key risks (to achieving the unit’s objectives) and related key controls.
? Assess the adequacy of the design of controls, identifying control weaknesses and other areas for improvement and developing recommendations for control improvement.
? Conduct detailed testing to determine the level of compliance with the design of the key IT control policies and procedures.
? Ensure that the IT audit work performed, and supporting documentation, complies with professional auditing standards and adequately support any conclusions reached.
? Identify, with unit management’s input, insightful recommendations for improving the function under audit.
? Prepare the initial draft of the proposed IT audit report for Internal Audit management.
? Research audit-related products and/or services.
? Provide internal control and IT security advice to OSC IT projects whenever requested, and/or serve on related sub-committees.
? Review and comment on OSC’s draft IT security policies and procedures.
? Coordinate the completion of the IT portion of OIA’s annual risk assessment and provide input to the preparation of OIA’s IT Audit Plan.
? Remain current on IT industry trends and practices concerning IT infrastructure, new equipment and software, and any related vulnerabilities and issues that may impact OSC’s IT internal control systems.
? Remain current on new applications and software, and any related vulnerabilities (e.g., viruses) and issues that may impact OSC’s IT internal control systems.
? Remain current on any changes to professional audit and IT standards.
? This research involves reviewing periodicals, professional auditing Internet sites, and security-related Internet sites. It also involves reviewing documents posted to key OSC IT team rooms.
? Provide technical assistance to non-IT audit staff (e.g., Continuous Auditing programs, Data Warehouse extracts, etc.)
? Assist with the IT audit steps performed as part of non-IT audits within OIA.
Additional Comments Desired Competencies
? Information technology background; i.e., system operations, application programming, systems programming, network management, mainframe, server administration, and/or systems analysis.
? Auditing experience.
? Strong analytical skills.
? Strong written communication and documentation skills; i.e., ability to provide review comments re: workpapers, document audit findings, and prepare draft reports.
? Strong verbal communication and interviewing skills.
? Working knowledge of internal controls.
? Ability to research IT products, IT industry changes, and industry-known vulnerabilities.
? Security conscious.
? Ability to be objective.
? Ability to respect confidentiality.
Some positions may require additional credentials or a background check to verify your identity.
Email Address recruit@osc.state.ny.us
Address
Street Office of Human Resources
110 State Street, 12th Floor
Notes on ApplyingInterested candidates should submit a cover letter and resume to recruit@osc.state.ny.us no later than October 25, 2017. Please reference Item #140 GOER-JFP when responding.
When responding, please include the reference number and letters listed in this section. (The Vacancy ID # should not be included).