IT Auditor in Detroit, MI at DISYS

Date Posted: 2/6/2018

Job Snapshot

Job Description

IT Auditor

We have a client that is Detroit, Michigan-based utility incorporated in 1995 involved in the development and management of energy-related businesses and services nationwide. They are looking for an IT Auditor

IT Auditor Responsibilities

  • Assists in planning, developing, conducting, and occasionally leads NERC CIP Compliance QA Check.  Bachelor Degree required in Accounting, Computer Science, Business Administration, or Engineering.  
  • IIA/ISACA and MBA, CPA, CIA, CA preferred
  • Strong IT audit experience a must
  • Experience in compliance audits

IT Auditor Education And Certification Preference, Not Required

  • Bachelor Degree Accounting, Computer Science, Finance, Business Administration
  • CISA (Certified Information Systems Auditor)
  • IIA member (Institute of Internal Auditors)
  • ISACA member (Information Systems Audit and Control Association)
  • Certified Internal Auditor (CIA)
  • CPA
  • MBA

IT Auditor Skills


  • Experience with Compliance Audits
  • Familiarity with NERC-CIP requirements
  • Developing IT Control Framework
  •  Implementing IT Control Framework
  • Testing IT controls
  • Designing controls in the IT processes

Risk Assessment & Planning                      

  • Assess Risk Attributes Utilized in Risk Assessment
  • Assess Scoring Assigned to Risk Attributes Identified
  • Complete Risk Assessment Worksheet
  • Identifying processes which require review
  • Controls are developed to mitigate risks and meet or exceed requirements of NERC-CIP
  • Existing control Risk Rankings are updated as necessary
  • Determine ownership and schedule of controls program implementation activities

Control Design                 

  • Review process documentation, programs, standards, Reliability Standard Audit Worksheets (RSAWs), etc.
  • Identify and document key risks and controls for applicable process documentation, programs, standards and requirements          
  • Review Risk Controls Matrix (RCM) for completeness and accuracy to address requirements

Control Testing                

  •  Identify, based on risk ranking, the controls which will be in scope for testing & establish the timing of testing procedures to be performed
  • Develop (1) testing approach (2) detailed instructions and validation (3) sample size (4) periodicity
  • Identify, based on risk ranking of the associated required/control, past issues, as well as the knowledge & independence of the potential testers, who will perform testing
  • Testing instructions received and executed by assignee over (1) control design (2) control operating effectiveness    

Gap Assessment/Remediation                 

  • Identify areas where controls do not adequately address standards and requirements

Governance, Monitoring, and Reporting                              

  • Implement governance structure, tools and templates
  • Implement ongoing QA/QC, monitoring and reporting mechanisms

Job Requirements

Digital Intelligence Systems, LLC. is an Equal Opportunity Employer, M/F/D/V. We do not discriminate against any employee or applicant because they inquired about, discussed, or disclosed compensation. Email recruitinghelp @ disys.com to contact us if you are an individual with a disability and require accommodation in the application process.Digital Intelligence Systems, LLC. is an Equal Opportunity Employer, M/F/D/V. We do not discriminate against any employee or applicant because they inquired about, discussed, or disclosed compensation. Email recruitinghelp @ disys.com to contact us if you are an individual with a disability and require accommodation in the application process.

CHECK OUT OUR SIMILAR JOBS

  1. Auditor Jobs
  2. Internal Auditor Jobs