Summary of the position
The Senior Auditor performs a preliminary assessment of the audited activity and its internal control framework. He / she performs independent testing and analysis on specific controls in order to meet the audit’s objectives. He / she also contributes to drafting the debriefing presentation and the final report sent to Management. Depending on the assignment, Senior Auditors may have to directly supervise one or several Auditors and may act as deputy to the Lead Auditor.
Key Responsibilities
The Senior Auditor may either work independently or supervise one or several auditors.
I – Conduct of assignment
- To independently carry out audit planning and fieldwork, including :
A preliminary assessment of the audited activity highlighting the related risks and controls
Interviews, testing and analysis of the results of the controls planned in the audit program Assessing controls for compliance with regulations, regulatory guidance including but not limited to Federal Financial Institutions Examination Council (FFIEC) IT Examination Booklets, NY Department of Financial Services (DFS) 500, DFS 504, Gramm–Leach–Bliley Act (GLBA), National Institute of Standards and Technology (NIST), Control Objectives for Information and Related Technology (COBIT) etc. Assessing processes and controls within core IT infrastructure, IT operations, cybersecurity, business continuity planning and IT disaster recovery, business applications, data governance and management. Assessing control design, effectiveness and sustainability To document clearly and precisely in test sheets the controls performed and the conclusions reached To communicate succinctly and precisely in verbal and written communications To identify and report on strengths and weaknesses of the audited areas, to analyse the root causes and consequences of the identified weaknesses, to formalise possible remediation and recommendations to address the findings and to conclude on the effectiveness and efficiency of the control set-up and business practices To present audit conclusions to IGE management and to the management of the audited unit (debriefing presentation, final audit report, etc.) To keep his / her management informed of the progress on the audit work assigned, and to escalate any issue that may impact or delay the audit’s execution or to raise any other relevant information on the assigned audit and the risk and control environment To proactively conduct recommendations follow-ups to monitor whether adequate corrective actions have been taken prior to closing any recommendations To ensure proper archiving of any supporting documentation, audit evidence and deliverables. To demonstrate accountability and ownership for the work assigned J-18808-Ljbffr
