Purpose of the Job:
Contribute to the development and execution of Meridian’s IT audit plan, and take the lead role in the day-to-day management and performance of IT-related audits; Support the development, follow-up, and ongoing maintenance of the Continuous Auditing program and development of CAATs; Contribute to the audit function by addressing IT risks associated with business objectives and evaluating the controls in place to mitigate those risks; Provide value-added advice and support to business partners as it relates to effectiveness or efficiency opportunities in the IT internal control environment.
This position will be based in the Toronto Corporate Office but will be required to travel to Branch, CBC locations and/or the St. Catharine’s Corporate Office.
Internal Audit Engagements and Continuous Audits:
- Perform an IT risk assessment on individual audits, considering automated and/or IT controls as well as logical, application and general controls.
- Develop IT test plans to analyze, test and evaluate the IT control environment.
- Plan and execute assigned IT audits, taking a hands-on and risk-based approach;
- Demonstrate proficiency in applying IT audit principles, skills and techniques in reviewing and testing business/operational systems;
- Document conclusions; organize and reference work papers for review;
- Take an active role in IT audits that are outsourced to external consultants, performing IT test procedures as assigned and offer value-added advice related to Meridian’s IT control environment;
- Participate in closing meetings at the end of fieldwork, providing clear explanations for the results of testing/analytics, as required;
- Support the Senior IT Audit and Controls Specialist in the development, execution, follow-up, and maintenance of continuous auditing activities under the Data Analytics and Continuous Auditing Program.
- Contributes to the safeguarding of corporate assets and the interests of Members by ensuring that appropriate IT internal controls are in place and appropriate;
- Develops and maintains professional relationships with management. Builds collaborative partnerships with management in order to be an agent for constructive change;
- Obtains an understanding of the organization’s major systems, including its IT environment, to develop future testing of the IT audit universe;
- Supports the Senior Manager, Internal Audit Services and CAE in special investigations, as required.
Knowledge, Experience, and Skills:
- Undergraduate degree in Math, Computer Science, Business or equivalent, is required;
- A recognized information technology audit-related professional designation is required (eg CISA, CISSP, COBIT 5 Certified Assessor, etc.);
- Other recognized professional designations would be considered an asset (eg CA, CMA, CIA, CISM, CRISC, CEH, PMP, etc.);
- A minimum of three (3) years of IT auditing experience is required;
- Prior IT auditing experience with Financial Institutions would be an asset;
- Technical expertise and knowledge of current IT auditing theory and techniques; adopts and applies rigorous professional standards related to internal controls and IT audits;
- Experience in development/performance of a broad-based IT audit program that positions the organization in compliance with newly developed and evolving Canadian corporate governance guidelines and practices;
- Experience using internal audit-specific data analysis tools such as ACL and/or open data science tools such as SQL, R, and Python to perform Computer Assisted Audit Techniques and Continuous Auditing activities;
- Experience using automated working paper and/or governance, risk, and compliance applications would be an asset;
- An understanding of IT internal control concepts (specifically those embodied in the COBIT 5 Framework and ISO 27002 standard), and experience in applying them to plan, perform, manage and report on the evaluation of various business processes/areas/functions;
- An understanding of internal auditing standards, COSO and risk assessment practices;
- Ability to manage, prioritize and deliver key initiatives with high quality work product while working independently and autonomously;
- Able to communicate effectively with staff and all levels of management on a one-to-one basis with the ability to stand firm on difficult issues when required;
- Strong writing skills;
- A collaborative consensus-builder, willing to share knowledge and findings with others in order to arrive at a “win-win” solution.
- Analytical; brings a logical approach to identifying/evaluating issues and problem-solving.
- Unquestioned personal integrity, highly professional and credible, with strong ethics and values consistent with Meridian’s culture.
- Exceptional interpersonal skills with a diplomatic and collegial approach to the audit function.
- Displays sensitivity and an awareness of the potential implications/ confidentality of highly sensitive information.
- Ability to travel within Ontario (25 – 30%, when required).
- Proficient in Microsoft Office (Word, Excel, Outlook).