Information Systems Audit Manager (Level 4)

Location: Edmonton
Closing Date: Until Filled

The mission of the Auditor General of Alberta is to serve Albertans by conducting comprehensive risk-based audits that provide independent assessments to help the Legislative Assembly hold government accountable. We audit over 175 organizations, ranging from government departments, universities and colleges, to the health authority and financial institutions. Our audits provide our clients, the Members of the Legislative Assembly, with information they can use to effectively oversee and scrutinize public spending. We do this by performing a variety of financial statement and systems audits which lead to recommendations for improvements.

The Role:

As a key member of the Office’s Information Systems Audit (ISA) team, the successful candidate will manage a team of IT auditors that perform detailed audit procedures to assess the reliability and effectiveness of the information system environments of the Office’s auditees. Audit responsibilities , include planning and performing reviews of the general computer controls, business processes, and application controls. Examples of tasks include assessing and evaluating:

• Organizational controls by examining IT strategic plans, IT operating procedures, segregation of duties;
• IT risk and threat assessment and remediation procedures;
• Business processes, and identifying and testing key general computer and application controls;
• IT systems security, such as security policies, network security, operating system security, database security, and physical security;
• Change management policies and practices by examining change management policies, change management procedures, and change management processes;
• Business continuity preparedness by examining business resumption plans, disaster recovery plans, plus restart and recovery policies and procedures.

ISA audit managers will also be required to perform specialized IT operational audits as directed by the ISA Team Leaders. These types of audits assess the security, efficiency and effectiveness of management system to provide programs and services to Albertans.

Candidates must be able to prepare detailed reports that describe weaknesses found and provide recommendations for improvement, as well as management letters that summarize findings of the work performed. In addition, the candidate must be able to prepare detailed audit programs for subsequent reviews.

Knowledge of the Canadian Institute of Chartered Accountants’ Trust Services, and the new CSAE 3416 reports and guidelines, and Information Systems Audit and Control Association’s Control Objectives for Information Technologies (COBIT), and the Common Body of Knowledge as compiled by ISC2 (International Information Systems Security Certifications Consortium, Inc.) would be an asset.

Qualifications:

• Candidates should currently hold a recognized information systems security designation (e.g., CISA, CISSP or GIAC), and have considerable related experience in the information systems audit field, including progressively more senior management experience;
• Experience planning and successfully completing IT audit engagements;
• An undergraduate degree in Computer Science is preferred; equivalencies will be considered;
• Proven experience working in a team environment, and interpersonal skills;
• Strong working knowledge of computers, specifically in one or more areas of networking, security, applications and databases, system development, change management, and risk and governance;
• Demonstrated abilities in risk analysis, documentation and evaluation of controls;
• Excellent organizational and interpersonal skills;
• Experience leading junior level staff on projects;
• Strong communication skills – Above average English written and verbal skills

Angela Karwal
Human Resources Consultant
Office of the Auditor General
8th Floor, 9925 - 109 Street
Edmonton, AB T5K 2J8
Canada
Tel: 780.422.6788
Fax: 780.427.5080
Email: employment@oag.ab.ca