WHAT DOES AN IT AUDIT MANAGER DO?

Reviewed by Lam Nguyen under Editorial Standards

Updated: Mar 19, 2026. The Information Technology (IT) Audit Manager leads and executes IT audit, SOX compliance, and advisory engagements, ensuring effective risk management, internal controls, and regulatory compliance across business and technology environments. This role involves managing audit teams, developing risk-based audit plans, driving process improvements, and delivering high-quality audit reports while collaborating with stakeholders and senior leadership. The manager also leverages data analytics, supports continuous monitoring, and fosters team development to enhance audit effectiveness and organizational value.

A Review of Professional Skills and Functions for IT Audit Manager

1. IT Audit Manager Accountabilities

  • IT Audit Execution: Manage, execute and complete the assigned IT audit assignments in accordance with the standards.
  • Report Preparation: Prepare audit reports (with fieldwork auditors) in accordance with acceptable quality standards.
  • Team Leadership: Lead the Group IT audit team with relevant Cybersecurity, emerging technologies and technical security control knowledge.
  • Risk Monitoring: Keep abreast of emerging IT risk issues and other key changes.
  • Cross-Functional Collaboration: Partner with operational/financial auditors to assess application IT controls related to key business processes.
  • Audit Planning: Prepare and manage IT annual audit plans based on the changing IT controls, risk posture, and/or business priorities.
  • Issue Follow-Up: Follow up on outstanding audit issues and monitor the timely completion of agreed remedial actions by management.
  • Relationship Management: Build a good audit relationship with key IT Management via regular interaction.
  • Issue Facilitation: Lead/facilitate discussion of issues and remedial action plans with various levels of management.
  • Team Development: Proactively contribute to the development of the IT audit team through coaching, training and providing timely feedback to junior staff.

2. IT Audit Manager Job Summary

  • IT Audit Execution: Undertake IT audits in line with ISACA standards and company protocols.
  • Control Review: Review IT General Controls, projects and programmes, and IT security.
  • Stakeholder Management: Work with the Audit and Risk team to maintain and develop relationships with key stakeholders.
  • Risk Assurance: Help ensure work carried out adequately addresses the key risks.
  • Control Improvement: Work with individual business units to allow improvements in the controls, which will mitigate risks.
  • Data Analysis: Review technical data, identify associated risks and interpret this into easy-to-understand terms for non-IT professionals in the business.
  • Action Monitoring: Ensure reported actions are agreed with SMT and are then followed up on, which will establish whether they have been carried out.
  • Influence and Persuasion: Persuade and influence senior stakeholders to ensure this does happen.

3. IT Audit Manager Responsibilities

  • Internal Control Application: Apply internal control principles and technical knowledge, including Application Controls and IT General Controls, and financial reporting concepts.
  • Compliance Management: Provide daily management and oversight of compliance and third-party attestation (e.g., SOC, ISO, HITRUST, etc.) projects.
  • Audit Planning: Develop and execute a detailed audit work plan for the IT audit component of the IA team through resource allocation, customer coordination and quality review.
  • Security Assessment: Perform IT security assessment processes, including audit and organizational policy and standards review.
  • Report Drafting: Draft and assist in reporting audit results to firm leadership.
  • Risk Communication: Assess and communicate audit results, translating findings into a level of risk and drive remediation of key issues in a timely manner.
  • Audit Reporting: Draft and analyze audit reports and establish metrics and monitoring efficiencies.
  • Control Framework Development: Develop an effective and sustainable IT system controls framework.
  • Control Evaluation: Manage the evaluation of the design and operational effectiveness of IT System Controls.
  • Training Delivery: Participate in the development and delivery of training curriculum.
  • Team Development: Participate in hiring activities for the IA team staff and provide staff with coaching/development.

4. IT Audit Manager Details

  • Risk Understanding: Quickly and proactively build a deep understanding of Koch Companies' IT standards, policies, and guidelines, as well as risks associated with each business and business capability.
  • Audit Strategy Development: Develop audit strategies and/or protocols for projects based on assessed risks, regulatory requirements, and compliance standards.
  • Project Management: Demonstrate well-developed project management skills, critical thinking, and a sense of urgency when performing audits and investigations.
  • Audit Execution: Conduct audit interviews and perform audit testing to identify potential gaps and opportunities.
  • Report Writing: Create high-quality audit reports that are accurate, concise, insightful, and delivered on a timely basis.
  • Process Improvement: Develop audit tools, assist with continual improvement of IT practices and key controls, and assist with the development and implementation of assurance strategies.
  • Innovation Enhancement: Continuously improve the audit process through innovation.
  • Customer Focus: Exhibit customer focus by developing strong relationships with internal customers to better understand risks and anticipate their needs.

5. IT Audit Manager Duties

  • Control Review: Perform IT general controls reviews, application controls reviews, and system development reviews.
  • Infrastructure Assessment: Responsible for infrastructure reviews, security and data privacy reviews, SDLCs, and pre- and post-implementation reviews.
  • Audit Participation: Perform and/or participate in audits evaluating the adequacy of non-IT controls for business units and/or key business processes.
  • Audit Planning: Assist the Vice President of Internal Audit in developing an audit approach and testing strategy for IT audits.
  • Integrated Support: Support non-IT Internal Audit staff in integrated audit projects by ensuring key business and information technology risks and controls are evaluated relevant to the scope of the review.
  • Results Communication: Communicate audit results to the Vice President of Internal Audit, management, and external auditors.
  • Report Preparation: Prepare the audit report draft for the Vice President of Internal Audit’s review.
  • Recommendation Clarity: Ensure recommendations are clear, concise, and focused on required remediation.
  • External Coordination: Coordinate IT testing and related IT SOX work with external auditors.
  • Risk Assessment: Participate in ongoing IT Risk Assessment to ensure the annual audit plan adequately addresses IT control risk.
  • Team Collaboration: Collaborate with other Audit staff to ensure all financial, operational, and compliance audit engagements properly address relevant IT risks.
  • Relationship Building: Facilitate good working relationships and communication flow between the Internal Audit Department and management, IT personnel, and external auditors.
  • Special Projects: Complete special projects as requested by Executive management and the Audit Committee.

6. IT Audit Manager Roles

  • Team Management: Manage and direct assigned staff to ensure completion of complex audits within departmental and professional standards in established timeframes.
  • Audit Execution: Plan, direct, execute and finalize the audit engagements.
  • Work Program Development: Establish audit work programs to effectively evaluate operations, based on best practices, regulatory requirements, and the operating environment.
  • Quality Review: Review the work of other team members and challenge their understanding of audit areas and processes to ensure adequate coverage.
  • Communication Management: Communicate appropriately to process owners and management during and at the conclusion of fieldwork with regard to audit findings.
  • Report Review: Review and provide feedback on formal written reports covering the results of audits and present audit findings and recommendations to executive management.
  • Client Relations: Maintain excellent management client relations while communicating issues, concerns, and recommendations to management clients.
  • Team Support: Assist other internal auditors in maintaining excellent management client relationships.
  • Project Monitoring: Lead, participate in, and monitor work assignments to ensure the timely completion of the project.
  • Documentation Review: Conduct a thorough review of work papers and report drafts prior to submission to department management.
  • Follow-Up Evaluation: Review follow-up procedures to ensure agreed-upon action plans have been implemented by management.

7. IT Audit Manager Tasks

  • Global Coordination: Coordinate effectively with the global audit team to complete global projects.
  • Regulatory Knowledge: Maintain current knowledge of regulatory requirements and professional standards.
  • Staff Training: Train staff members in internal audit techniques, organizational issues, and departmental procedures and protocols.
  • Departmental Initiatives: Participate in departmental initiatives and projects under the direction of the ASG Management to develop a world-class internal audit function.
  • Staff Scheduling: Determine staff scheduling of assignments based on skill levels needed for specific audits/projects.
  • Risk Identification: Work with the ASG management team to identify key areas of risk in its business units and subsidiaries.
  • Issue Communication: Work closely with the ASG management in promptly communicating issues and concerns as they relate to audit assignments and the general operation of the department.
  • Staff Development: Assist the ASG management in training, developing, and evaluating internal audit staff or assist.
  • Policy Compliance: Ensure that the processes encompass the company’s diversity commitment, compliance with company policies and legal requirements.
  • Deliverable Review: Assist with the review and approval of department deliverables, including findings and recommendations.
  • Quality Assurance: Establish and maintain (or assist with) a quality assurance program and develop and maintain a working department audit manual.

8. IT Audit Manager Details and Accountabilities

  • Team Leadership: Accountable for leading and developing a diverse team of IT audit professionals and overseeing the entire life-cycle of an audit, including planning, execution, reporting and findings follow-up.
  • Audit Management: Direct, oversee, plan and execute audits, resource requirements and processes.
  • Quality Assurance: Ensure audits are completed in accordance with established standards and within prescribed time, budget and scope parameters.
  • Audit Planning: Complete audit planning, risk and control assessment, and develop/update audit programs with assistance from senior auditors/auditors.
  • Testing Supervision: Supervise and monitor audit testing.
  • Documentation Oversight: Direct and oversee the completion of documentation of audit work in a clear, concise, logical manner and assessment of risk, design and operating effectiveness of controls.
  • Work Review: Review test working papers and audit findings/recommendations.
  • Findings Presentation: Present findings and recommendations to management.
  • Report Drafting: Draft audit report and obtain approvals to issue the audit report.
  • Follow-Up Management: Oversee and/or execute the follow-up of audit findings.

9. IT Audit Manager Overview

  • Audit Communication: Manage the ongoing audit communications and/or the reporting process with the client, senior management and external auditors for specific and/or overall audit area.
  • Process Improvement: Work with IT Audit Management to improve the audit process to ensure audits are performed efficiently and delivered timely with quality results.
  • Trend Awareness: Keep abreast of emerging trends and issues in information technology.
  • Risk Understanding: Develop and maintain a strong understanding of current business risks to adequately assess business impacts.
  • Research and Benchmarking: Conduct research to identify benchmarks and best practices for the management of IT risk across businesses.
  • Audit Planning: Contribute to the audit planning process for specific businesses/functional units.
  • Team Management: Manage a small/medium team of professional resources directly or indirectly and/or actively develop, recruit, train, coach and conduct performance assessments for team members.
  • Team Building: Promote and foster a cohesive team and positive work environment that encourages innovation, creativity and collaboration.
  • Relationship Management: Build and maintain positive working relationships by effectively communicating and regularly sharing information, issues/points of interest, learnings and knowledge with the team, internal and external business partners.
  • Goal Support: Support management and other team members in the achievement of individual, divisional and team goals.

10. IT Audit Manager Job Description

  • Objective Setting: Assist the Senior IT Audit Manager in setting IT audit objectives and developing an IT audit approach and methodology.
  • Audit Planning: Support the Senior IT Audit Manager in developing a risk-based annual IT audit plan as well as scope, schedule, execute, document and report on integrated and standalone IT-related audit engagements using various testing methods, to ensure the audits are performed on time and with quality.
  • Agile Methodology: Assist in developing an agile audit approach, including the development of new audit programs on the group’s emerging IT risks.
  • Control Assessment: Execute audit activities for the Group to assess the design of controls, operating efficiencies and compliance with corporate policies, legal requirements, rules and regulations.
  • Governance Support: Assist in the development, planning and execution of IT control and governance initiatives.
  • Report Preparation: Prepare internal audit reports for the Audit and Corporate Governance Committee (ACGC).
  • Advisory Support: Provide constructive advice to leadership and business unit and function heads to improve efficiency and risk mitigation.
  • Special Reviews: Perform special reviews requested by the Board or ACGC, or Senior Management.
  • Regulatory Research: Research and keep abreast of up-to-date legislative issues, new audit and IT regulations/trends and audit methodology.
  • Policy Review: Review and update related IT internal audit policies, standards and practices.
  • Data Analytics: Use data analytics for performing a dashboard analysis.

11. IT Audit Manager Functions

  • Audit Planning: Plan, develop, and execute specific audit procedures to meet planned objectives of audits of complex Bank technology activities, including technology in support of regulatory compliance and finance.
  • Control Evaluation: Formulate recommendations regarding control deficiencies and system ineffectiveness.
  • Operational Improvement: Identify areas for improved control, cost savings, and operational efficiencies.
  • Documentation Review: Prepare or review audit documents, work papers, audit reports, memoranda, and presentations.
  • Information Presentation: Present information in a clear, concise, and persuasive manner to the Audit Committee and management, as deemed applicable.
  • Management Communication: Meet and communicate with Management to perform audit procedures and provide status updates, findings and recommendations, and forward-looking insights.
  • Risk Assessment: Drive the IT audit risk assessment and track for significant changes in risk factors.
  • Team Management: Manage a team of IT auditors to drive completion of technology and information security audits.
  • Audit Support: Support the Internal Audit relationship between technology and information security.

12. Senior IT Audit Manager Roles and Responsibilities

  • Strategic Oversight: Apply a strategic perspective in overseeing the planning, execution and delivery of assigned audit and advisory engagements in accordance with audit methodology and audit plan budgets and timelines.
  • Technology Awareness: Maintain awareness of technology trends, risks and controls through personal curiosity, training and networking.
  • Risk Prioritization: Drive risk-prioritized engagement planning and delivery, challenging scope and approach based on company and industry risks, including emerging risks.
  • Performance Management: Lead performance activities for direct reports, including goal setting, career planning, training selection, certification and timely performance discussion that grow and support staff in their career aspirations.
  • Relationship Building: Build and cultivate Internal Audit and client management relationships that foster a strong risk culture, understand the organization’s business, identify IT risks and contribute to a constructive Internal Audit brand.
  • Report Preparation: Incorporate a holistic and business-oriented view in preparing audit reports and issues through concise, precise and accurate writing.
  • Quality Review: Review work to ensure it is performed and documented in accordance with audit methodology and provide timely feedback to auditors.
  • Negotiation Leadership: Lead and actively participate in negotiations with clients, peers and senior audit executives in conversations about risks and controls within assigned engagement books and as part of team and departmental discussions.
  • Innovation Integration: Incorporate innovative audit techniques, including data analytics, in engagements, continuous monitoring and to increase the scope, quality and timeliness of work performed.
  • Progress Reporting: Provide clear and timely engagement updates to audit management and clients, especially regarding delays, control issues, budget, or timeline concerns.

13. IT Audit Manager Responsibilities and Key Tasks

  • Project Leadership: Lead a solutions-based project team to complete wide-ranging audit initiatives, both on time and within budget.
  • Industry Expertise: Provide knowledge and expertise on industry practices, audits, risk, and internal controls.
  • Compliance Management: Manage regulatory compliance engagements, including Sarbanes-Oxley requirements.
  • Program Development: Create risk-based audit programs related to IT systems, processes, and technologies.
  • Testing Methodology: Develop testing methodologies to evaluate the adequacy of controls.
  • Process Evaluation: Lead the analysis and evaluation of technology-driven business processes and controls within the organization.
  • Standards Research: Research technology standards, including but not limited to COBIT, ISO, and ITIL.
  • Regulatory Oversight: Manage compliance engagements, including Sarbanes-Oxley initiatives, and stay ahead of regulatory compliance changes.
  • Attestation Management: Manage SSAE 18 engagements (i.e., SOC 1 and SOC 2 attest engagements).

14. IT Audit Manager Duties and Roles

  • Risk Identification: Leverage industry-leading standards to identify current and potential risks.
  • Audit Communication: Communicate audit findings and recommendations to senior-level resources with verbal and written correspondence, including draft reports that are comprehensive and complete in each audit area.
  • Project Leadership: Demonstrate strong project leadership expertise, including mentorship, knowledge transference, and reviewing deliverables.
  • Collaboration: Collaborate with a number of industry specialists to test and design the effectiveness of audit processes, controls, continuous monitoring and reporting in dynamic environments.
  • Team Management: Lead small teams effectively, managing multiple projects and providing meaningful feedback in a timely, consistent, constructive manner.
  • Issue Resolution: Update leadership on issues as soon as they arise and proactively create solutions.
  • Service Contribution: Contribute to other initiatives centered upon Focal Point’s full suite of risk-related service offerings, including security, privacy and enterprise-wide IT Risk management.
  • Business Development: Support in new business development endeavors, participating in client engagements, the development of proposals or project bids, and presenting opportunities to new clients.

15. IT Audit Manager General Responsibilities

  • Audit Execution: Execute audit objectives by understanding the business divisions and being a subject matter expert in IT.
  • Time Management: Execute IT audits within agreed timeframes.
  • Control Testing: Test key controls by gathering relevant audit evidence and interpreting data.
  • Documentation: Document test plans, results and conclusions clearly and concisely.
  • Issue Validation: Issue validation interview customers and conduct the process.
  • Knowledge Development: Develop individual knowledge of the Group's IT systems, technologies and processes.
  • Technical Understanding: Showcase general understanding of diverse IT systems concepts.
  • Stakeholder Management: Effectively manage stakeholders, timelines and communication.

16. IT Audit Manager Key Accountabilities

  • Engagement Management: Manage multiple IT audit engagements and projects.
  • Process Leadership: Provide functional leadership of the IT audit processes and ensure assigned audits are completed in compliance with department policies and procedures and ensure all audit objectives have been satisfied.
  • Work Planning: Review, approve, and manage progress against audit work plans, delegate appropriately, and provide flexible alternatives in order to manage multiple work assignments.
  • Methodology Compliance: Ensure all audits are executed utilizing a consistent audit methodology, as defined in the Audit Manual.
  • Scope Definition: Determine and approve the objective, scope, and general plan of each audit.
  • Scope Management: Responsible for managing audit scope.
  • Risk Prioritization: Focus audit scope on higher risk areas.
  • Progress Tracking: Track and report on audit progress.
  • Resource Management: Manage costs and timeliness.
  • Business Understanding: Know the business and understand key factors impacting the company.

17. IT Audit Manager Role Purpose

  • Strategic Alignment: Align work with department and company strategy.
  • Action Follow-Up: Follow up on action plans from management.
  • Staff Development: Train, coach, and mentor audit staff to develop skill levels and auditing effectiveness.
  • Team Building: Establish an atmosphere of trust, honesty, and respect among team members that encourages communication and allows the team to.
  • Task Management: Effectively accomplish assigned tasks within defined cost, schedule, and quality assurance requirements.
  • Audit Support: Assist the VP of Audit with ongoing auditing, monitoring, and administrative responsibilities.
  • Program Maintenance: Assist the VP in maintaining and modifying audit programs to ensure procedures are current and effective.
  • Process Improvement: Identify areas of opportunity to improve the department’s functionality, either administratively or operationally.
  • Performance Communication: Communicate with the VP of Audit any performance issues with regard to either personnel or audit practices to provide the requisite constructive assessments.
  • Policy Compliance: Ensure adherence to department policies.
  • Change Management: Participate in change design and assist in leading the communication and implementation of change initiatives.
  • Administrative Support: Perform other administrative duties as delegated by the VP of Audit.
  • Report Finalization: Review and finalize reporting, both written and oral, to key internal customers.

18. IT Audit Manager General Responsibilities

  • Plan Development: Participate in the development of the annual risk-based plan.
  • Risk Understanding: Understand business segments and associated risks.
  • Risk Assessment: Maintain a continuous risk assessment thought process throughout the year to ensure the audit plan is reflective of emerging risks.
  • Stakeholder Communication: Maintain continuous informal communications with the business unit and/or project management to identify possible future audit risks or concerns.
  • Client Relationship: Cultivate relationships with clients.
  • Partner Involvement: Involve key partners in the execution of the audit and the resolution and reporting of findings.
  • Cross-Functional Interaction: Interact with all organizational units and levels, as well as others outside the organization, e.g., external auditors, attorneys.
  • Recruitment and Evaluation: Assume the primary role in recruiting and regular performance evaluation activities of direct reports.
  • CAAT Implementation: Identify opportunities for the use of computer-assisted audit techniques (CAAT) and design and program audit software to improve audit productivity and coverage.
  • Staff Guidance: Guide staff in developing and maintaining CAAT scripts.
  • Result Communication: Communicate audit results, weighing the relevancy, accuracy, and perspective of conclusions against the accumulated audit evidence, both for individual issues as well as for the processes and total audit scope.

19. IT Internal Audit Manager Essential Functions

  • Risk Evaluation: Identify and evaluate the organization’s technology audit risk areas and provide key input to the development of the risk-based annual internal audit plan.
  • Audit Execution: Perform audit procedures, including identifying and defining issues, developing criteria, reviewing and analyzing evidence, and documenting client processes and procedures.
  • Interview and Documentation: Conduct interviews, review documents and prepare working papers.
  • Issue Identification: Identify, develop, and document IT audit issues and recommendations for improvement using independent judgment concerning areas being reviewed.
  • Result Communication: Communicate or assist in communicating the results of IT audit and consulting projects via written reports and oral presentations on a timely basis to senior management.
  • Team Collaboration: Develop and maintain productive team-oriented relationships within the team and across the organization through individual contacts and group meetings.
  • Governance Consulting: Coach and consult business units, MGS and Corporate on governance, risks and controls.
  • Global Initiatives: Lead or contribute to regional or global Internal Audit (IA) initiatives that focus on governance and control improvement or IA-internal processes.
  • Professional Development: Pursue professional development opportunities, including external and internal training and professional association memberships, and share information gained with co-workers.
  • Representation: Represent internal auditing on organizational project teams, at management meetings, and with external organizations.

20. IT Audit Manager Additional Details

  • Audit Execution: Assist in the execution of the IT audit program by conducting and overseeing IT audits of information technology, cybersecurity, cloud computing, IT risk management and supporting processes.
  • Technical Assessment: Analyze and assess architecture, technology infrastructure, data storage, security, change management, IT governance and compliance with regulatory guidance and industry standards.
  • Issue Identification: Identify IT and information security program issues, and effectively communicate findings to leadership inside and outside of IT.
  • Process Improvement: Provide recommendations to improve or change processes and systems.
  • Program Design: Assist in the design and planning of a comprehensive IT audit program tailored to the bank.
  • Audit Responsibility: Responsible for conducting IT audits.
  • Departmental Auditing: Perform IT audits of departments, systems and business processes and functions.
  • Compliance Assurance: Ensure audit work is completed according to departmental procedures and IIA standards.
  • Regulatory Compliance: Ensure compliance with the bank policies and procedures, cybersecurity standards, regulatory guidance and applicable laws and regulations.

21. IT Audit Manager Overview

  • Reporting Documentation: Prepare work papers and audit reports to ensure audit objectives have been met, control systems have been properly assessed, and appropriate conclusions reached.
  • Risk Assessment: Assess relevance of audit findings, potential exposures, and materiality.
  • Risk Identification: Identify additional risks not previously considered.
  • Issue Follow-Up: Assist in follow-up on outstanding issues until appropriate corrective action is taken.
  • Corrective Action Review: Ensure corrective action is appropriate to the issue, such as the establishment of effective mitigating controls to address the risks identified.
  • Audit Oversight: Responsible for overseeing IT audits.
  • Liaison Management: Perform duties as liaison to co-sourced auditor firms that conduct internal IT audits and provide oversight of those firms to ensure fulfillment of the terms of their engagements.
  • Vendor Oversight: Ensure that the activities described above are performed by the co-sourced firms as described in Internal Audit’s procedures and policy.
  • Plan Evaluation: Evaluate IT and information security business and implementation plans and internal progress against those plans.

22. IT Audit Manager Details and Accountabilities

  • Project Monitoring: Provide periodic monitoring of major IT initiatives and report on progress against business plans in terms of target dates and achievement of objectives, with analysis of the cause of any issues encountered by IT, Information Security, or the business units in the completion of the plans.
  • Plan Development: Assist the Chief Auditor in the development and implementation of the IT audit plan.
  • Audit Planning: Assist in the development of the IT audit plan using knowledge of information technology, information security, cloud technology, change management, internal goals, external industry developments, regulatory compliance requirements and guidance developments, and internal and external risk factors.
  • Program Analysis: Analyze the effectiveness of the IT audit program.
  • Control Assessment: Ensure the systems of internal controls and risk management processes are properly assessed.
  • Standards Review: Review IT and information industry standards, internal audit standards, and accounting principles and developments.
  • Procedure Integration: Ensure that they are incorporated into any audit procedures and are disseminated to the staff.
  • Regulatory Compliance: Ensure compliance with all regulations, policies, and procedures.

23. IT Audit Manager Duties and Roles

  • Audit Management: Manage the company's information technology audits, operational, compliance/regulatory audits, and assess system configurations, settings, security, data integrity, user access, system implementations, program and project management, and Sarbanes-Oxley testing.
  • Risk Escalation: Provide recommendations for business process improvements and internal controls and escalate potentially significant risks and exposures to audit management and assist in fraud investigations.
  • Budget Control: Ensure budgets are met by minimizing expenses and controlling variances to their lowest level in all areas.
  • Data Analytics: Design and build data analytics scripts to strengthen the system of internal controls.
  • Compliance Monitoring: Develop and perform compliance and monitoring of audit programs for Sarbanes-Oxley initiatives.
  • Control Inspection: Inspect accounting and information technology system controls to determine their efficiency and protective value while analyzing data obtained for evidence of deficiencies in controls, duplication of effort, extravagance, fraud, or lack of compliance with management's established policies and/or procedures.
  • Control Design: Participate in control design, changes, and development with all levels of employees.
  • Report Preparation: Prepare reports of findings and make recommendations to upper management.
  • Policy Documentation: Responsible for documenting policies and procedures for internal controls.

24. IT Audit Manager Duties

  • Governance Assessment: Assist the section head in assessing and reviewing the adequacy and effectiveness of IT governance and controls on IT services management processes supporting IT and business strategy and operation, domestic subsidiaries, and foreign subsidiaries.
  • Staff Coaching: Coach subordinates to complete audit assignments.
  • Schedule Preparation: Prepare a schedule for audit assignments and related documents for pre-audit activities.
  • Meeting Leadership: Lead team to conduct preliminary discussion, opening meeting, and exit meeting with the auditee.
  • Scope Definition: Determine audit objective and scope.
  • Fieldwork Management: Manage team members to perform audit fieldwork and discuss with the section head the audit observation and results.
  • Report Management: Manage the team to complete the working paper and audit report.
  • Issue Follow-Up: Follow up on outstanding audit issues.
  • Performance Evaluation: Evaluate team member performance.
  • Risk Advisory: Assist the section head in providing risk advisory services for IT initiatives related to IT services management to add value to the organization.
  • Control Assurance: Ensure adequate and proper IT controls are in place.
  • Audit Execution: Assist the section head in conducting new priority audit activities, including IT governance and IT general controls, as required by management.

25. IT Audit Manager Job Summary

  • Plan Development: Develop annual IT audit plans for IT-specific areas as well as across operational, financial, compliance and risk management audits.
  • Requirement Support: Support the GIA in identifying requirements to ensure highly specialized technical knowledge and experience are applied appropriately to IT audit reviews.
  • Audit Leadership: Lead and manage IT audit focus through applying risk analysis skills, the use of data analytics and professional judgment.
  • Risk Identification: Identify areas for in-depth review with the aim of providing internal customers and stakeholders with assessments of governance, risk management and internal control frameworks.
  • Plan Delivery: Support the GIA in the delivery of the IT audit plan, including additional ad-hoc or special audit work.
  • Audit Execution: Ensure that IT audits are completed in a timely and efficient manner in accordance with standards established by industry best practices and the relevant risk and regulatory environment.
  • Issue Communication: Communicate root causes of identified issues, associated risks, including recommendations for improvements in business processes, on the current and future business model and operating environment and ensure that action plans are properly implemented by management.
  • Team Guidance: Ensure IT audit team members have a full and complete understanding of the nature and scope of the risks involved in the business by providing the necessary guidance, support and managing their performance throughout each audit.
  • Report Review: Review audit reports to support the Head of Internal Audit and produce high-quality and concise audit reports for the Head of Internal Audit’s review.
  • Stakeholder Communication: Support GIA in communications with Senior Management, the Audit Committee, external auditors and regulators, consultants, and other external parties regarding IT internal audit-related matters.
  • Risk Collaboration: Collaborate with stakeholders to identify potential red flags and ensure that insights into emerging risks and controls are identified and managed.
  • Stakeholder Engagement: Build trust and credibility with stakeholders in order to objectively engage them, challenge their views and support senior management in achieving their business objectives.
  • Project Support: Support the GIA with ad-hoc projects.

26. IT Audit Manager Key Accountabilities

  • Business Acumen: Develop own business and IT acumen and continuous understanding of developments and emerging risks.
  • Project Ownership: Own the end-to-end delivery of multiple audit projects (local or global audits), leading and coaching the team, providing the right guidance, support and quality review of outcomes in line with the Internal Audit methodologies.
  • Audit Planning: Assist the Portfolio Manager in planning and determining the audit scope for relevant audits within the Zurich Operations and Information Technology space, focusing on what matters most.
  • Data Analytics: Plan and execute data analytics testing along the audit cycle in coordination with Data Scientists and Subject Matter Experts.
  • Stakeholder Communication: Support the syndication of the audit observations along the project and establish regular communication and interaction with key senior stakeholders.
  • Audit Leadership: Lead IT audit projects from the planning to the reporting phase and document results with value-added recommendations aligned with audit methodology.
  • Strategy Coordination: Coordinate IT audit strategy and planning with operational and finance audits.
  • Risk Coverage: Provide adequate coverage over the company’s critical IT risks.
  • Testing Supervision: Conduct and supervise the execution of the IT audit plan and testing of ITGCs.
  • Team Collaboration: Collaborate and coordinate with internal audit team members and other IT functions (IT Security, IT Operations and IT Infrastructure) to ensure aligned and efficient execution.
  • Mentorship: Mentor and guide IT associates and senior IT associates in the team and help build a world-class IT audit function.

27. IT Audit Manager General Responsibilities

  • Audit Execution: Work with colleagues to plan and execute audits to a high quality to provide audit assurance and insights over the highest technology risk.
  • Report Delivery: Support the delivery of objective, concise and insightful audit reports on the effectiveness of the framework of controls for each audit.
  • Stakeholder Management: Manage key stakeholder relationships.
  • Issue Tracking: Own the interaction with business management for issue tracking to support Internal Audit's validation of issue closure.
  • Committee Reporting: Support reporting to internal audit key stakeholders (e.g., Audit Committees, Risk Committees, Board Committees) and through these influence management to deliver a more effective controls framework.
  • Risk Analysis: Support the Technology Audit Principal in planning, independently performing risk and control analysis, executing audit testing and preparing reports for IA management review and finalization.
  • Resource Coordination: Support auditors and business stakeholders' time across the business to deliver each audit effectively and efficiently.
  • Relationship Building: Manage relationships with stakeholders and help build a reputation as a business-astute, highly professional and capable audit team.
  • Methodology Compliance: Deliver all aspects of work in accordance with the methodology to the Technology Audit Principal for quality review.
  • Team Contribution: Responsible for being proactive and contributing to team operations, including quarter-end reporting, audit issue follow-ups, enterprise risk management activities and any other team activities.

28. IT Audit Manager Roles and Responsibilities

  • Audit Planning: Contribute to planning, scope development, and project execution for sophisticated technology-related audits and perform audit test work and preparation of adequate and sufficient audit documentation in accordance with prescribed methodology.
  • Control Improvement: Identify root cause and opportunities for improvement of internal controls and acquire consensus on remediation plans with key business partners (IT Operations, Product Security, Information Security and SOX teams).
  • Report Preparation: Prepare audit reports with clearly presented recommendations to management and conduct audit projects on a regular cadence.
  • Independent Execution: Easily adapt between working independently and reciprocally on a team, perform follow-up reviews, and report on the status of action plans to implement internal control improvements derived from internal audit projects.
  • Standards Compliance: Independently carry out audit engagements in accordance with the annual audit plan and known IT standards, e.g., International Organization for Standardization (ISO), National Institute of Standards and Technology (NIST), Open Web Application Security Project (OWASP), Center for Internet Security (CIS) Controls, and so forth.
  • Infrastructure Review: Perform a review of the cloud and network infrastructure with a focus on governance, security, and alignment of business objectives.
  • Documentation: Prepare audit reports supported by evidence-based working papers to ensure adequate documentation.
  • Cross-Department Collaboration: Collaborate with different department representatives and process owners on various initiatives.
  • Ad-Hoc Review: Perform ad-hoc reviews or activities as may be required by the management.

29. IT Audit Manager Roles

  • Audit Supervision: Coordinate, supervise and participate in audits of compliance with prescribed internal controls governing technology processing environments.
  • Program Development: Develop audit programs and perform testing of IT controls within major data centers, supporting technologies, applications, networks, and selected development projects that replace or significantly enhance critical applications.
  • Plan Refinement: Assist in developing and refining the annual audit plan, scheduling audits of data centers, local area networks, service bureaus, system software, applications and systems development projects.
  • Process Improvement: Ensure identification of business process improvements for segments audited, to enhance operational effectiveness, customer service quality and efficient use of company resources.
  • Skill Maintenance: Maintain skillsets on technical changes as well as pertinent internal and regulatory requirements.
  • Change Communication: Communicate these changes within the department and ensure audit programs are revised accordingly.
  • Audit Coordination: Plan, coordinate and execute IT audit activities for the Group.
  • Team Supervision: Supervise other audit staff or assist other audit staff in the same project.
  • Program Customization: Review and customize the audit program during audit planning for an audit assignment.
  • Risk Evaluation: Evaluate risks associated with IT processes and assess the effectiveness of the internal control system in place.
  • Report Preparation: Prepare audit report and make recommendations to management on non-compliance areas, control weaknesses and process inefficiency noted.
  • Project Management: Manage or assist with forensic, special projects, or other finance and operations audits as assigned by the Head of Internal Audit.
  • Department Support: Perform tasks related to the Internal Audit department, as requested by the Head of Internal Audit from time to time.

30. IT Audit Manager Functions

  • Audit Leadership: Deliver and/or lead technology and operational audit assignments across European locations, participating in all stages of the audit from planning, execution, reporting and follow-up.
  • Control Improvement: Identify control gaps or process improvements and gain exposure to senior stakeholders.
  • Portfolio Management: Manage the delivery of a portfolio of audit assignments to a high quality in accordance with audit methodology, within budget and agreed timelines.
  • Stakeholder Engagement: Engage with stakeholders to obtain a clear understanding of the business under review.
  • Finding Communication: Communicate value-added audit findings and reports that provide the impact (root cause and risks), which will require action from senior stakeholders.
  • Business Partnership: Build business partnerships with key stakeholders to assist with control frameworks.
  • Process Enhancement: Support and contribute to the continuous improvement of the audit function through automation (e.g., implementation of audit tools, data analytics and risk/control monitoring).
  • Mandate Management: Manage IT Assurance and IT Advisory mandates with a focus on financial services customers.
  • Exam Participation: Play a central role in global IT exams.
  • System Assessment: Check and assess financial systems, taking risk and compliance into account, as well as regulatory requirements.
  • Optimization Identification: Identify optimization potential in the team and in cooperation with the various internal stakeholders.
  • Interdisciplinary Collaboration: Promote interdisciplinary collaboration with other departments within the global Consultancy Company network.
  • Client Support: Support in maintaining and expanding the Consultancy Company's customer portfolio.

31. IT Audit Manager Details and Accountabilities

  • Audit Oversight: Provide oversight and management of the technology audit assurance program.
  • Audit Coordination: Ensure efficient execution and effective collaboration with external auditors.
  • Risk Assessment: Continuously update Information Technology business risk and control environment assessments, including key risks and controls, through periodic client meetings, ad-hoc walkthroughs, and data analytics.
  • Reporting Support: Prepare insightful written reports and support the IT Internal Audit team, in partnership with the business, to verify that recommendations are implemented in a timely and effective manner.
  • Team Leadership: Provide guidance and direction for audit staff to develop business and audit knowledge.
  • Stakeholder Engagement: Maintain a dialogue with other IT audit and security colleagues from professional associations.
  • Trend Monitoring: Keep abreast of IT security issues and trends in IT audit processes, practices, and techniques.
  • Control Evaluation: Examine internal IT controls, evaluate their design and operational effectiveness, assess risk exposure, and develop remediation strategies.
  • Compliance Assurance: Ensure internal audit work products meet IIA and other applicable standards.

32. IT Audit Manager Key Accountabilities

  • Audit Leadership: Lead technology audits, technology project reviews, and technology audit work in audits of business processes (integrated audits).
  • Risk Evaluation: Identify and evaluate key operational risks and related controls.
  • Stakeholder Engagement: Engage with executive management and stakeholders to stay informed about changes and new initiatives across business and technology areas, and share audit perspectives on risk identification and mitigation.
  • Audit Innovation: Develop new audit technologies, revise existing procedures, and perform risk analyses to determine audit frequency.
  • Issue Analysis: Identify and analyze complex issues, problems, and improvement opportunities, and develop conclusions and recommendations.
  • Audit Execution: Verify or review audit evidence, and prepare audit plans, workpapers, findings, status reports, and audit reports.
  • Follow-up Management: Lead follow-up reviews to ensure that appropriate corrective actions have been implemented by client management.
  • Team Development: Train and develop Staff Auditors and Junior Auditors while maintaining effective working relationships with assigned business areas.

33. IT Audit Manager Responsibilities and Key Tasks

  • Team Leadership: Manage and lead a team of IT Auditors and Senior IT Auditors.
  • Quality Oversight: Provide oversight and leadership to team members, managing quality related to deliverables, project plans, and compliance team performance.
  • Risk Scoping: Oversee scoping, risk assessment, and control rationalization efforts to ensure key compliance risks are covered in the most efficient manner.
  • SOX Planning: Perform annual SOX planning, including determining the timing and extent of testing to meet SOX deadlines.
  • Compliance Coordination: Coordinate IT SOX compliance program activities with external auditors and internal stakeholders.
  • Control Analysis: Analyze the design of IT controls over new and existing systems, including logical access, change management, computer operations, system development life cycle (SDLC), and general IT security.
  • Process Improvement: Challenge the status quo and drive continuous improvement through change.
  • Process Optimization: Identify opportunities and implement initiatives to streamline and standardize the audit process, leveraging data analytics and RPA.
  • Reporting Insights: Identify and report control weaknesses and enhancements to leadership.

34. IT Audit Manager Roles and Responsibilities

  • SOX Evaluation: Evaluate the impact of SOX findings and conclude on their severity.
  • Leadership Communication: Communicate results and assessments to leadership.
  • Training Delivery: Create and deliver in-person and online training on IT SOX basics and best practices.
  • Control Ownership: Drive ownership and accountability for IT SOX controls with Technology owners while supporting them as a subject matter expert.
  • Audit Review: Review testing of ITGCs and automated controls, produce IT audit results using effective project management skills, and communicate progress to leadership.
  • Test Documentation: Review IT control testing and document test results in relevant systems for various compliance tools.
  • Data Validation: Review completeness and accuracy testing for key reports (IPE).
  • Control Design: Formalize and review new IT application controls, including automated and interface controls, that are identified as key to financial reporting.
  • System Advisory: Participate in system implementation projects as an IT control subject matter expert and provide guidance to ensure proper IT controls are designed and implemented.
  • Relationship Management: Develop and maintain productive internal and external client relationships.

35. IT Audit Manager Duties

  • Audit Execution: Execute technology audits and integrated audits to assess controls, operational efficiencies, and compliance with all policies, procedures, and regulations.
  • Procedure Design: Design and execute audit procedures in conformance with GIA quality standards, policies, and procedures.
  • Risk Assurance: Provide assurance and identify risks, issues, and/or best practices with minimal supervision.
  • Engagement Leadership: Lead and execute both moderately and highly complex audit engagements throughout the audit lifecycle, including understanding horizontal and vertical business impacts, integrated audits with IT, analytics, and reviewing workpapers.
  • Problem Solving: Develop and independently perform complex work assignments and problem resolution in support of risk-based assurance and advisory engagements.
  • Stakeholder Contact: Maintain a high degree of business contact through fieldwork, often serving as the primary fieldwork contact.
  • Risk Understanding: Maintain an in-depth understanding of the relationship between business strategies and risks and the effectiveness of associated control activities (e.g., internal control design, risk management, and governance), and apply a risk-based approach across audit activities.
  • Reporting Analysis: Summarize audit testing results, perform root cause analysis of issues, draft audit findings, and communicate them to management.
  • Audit Documentation: Use the audit tool (TeamMate) to document audit work contemporaneously when procedures are performed and/or to evidence supervisory reviews.

36. IT Audit Manager Responsibilities

  • SOX Leadership: Take a leading role in the completion of the Company’s IT SOX program.
  • Audit Management: Lead all aspects of risk-based IT audits, including planning, development of audit programs, process flows, risk matrices, audit workpapers, fieldwork, reporting, and follow-up.
  • Data Analytics: Support the department’s data analytics initiatives.
  • Report Preparation: Prepare audit reports that clearly and concisely communicate findings to management.
  • Risk Evaluation: Identify technology risks and evaluate the efficiency and effectiveness of information technology infrastructure, applications, security, and internal controls.
  • Action Tracking: Ensure management responses to the audit are tracked and implemented in accordance with the agreed-upon timeline.
  • Standards Compliance: Operate within the professional standards set forth by the Institute of Internal Auditors and ISACA.
  • Value Creation: Create value for the company by identifying process improvements or sharing best practices.
  • Special Projects: Undertake additional operational audit reviews, investigations, internal consultancy, and other special projects on an ad hoc basis, as requested by the Audit Committee and/or management.

37. IT Audit Manager Details

  • Audit Planning: Participate or lead in the planning and execution of audit assignments to ensure the quality and timeliness of reports and deliverables.
  • Audit Programs: Develop risk-based audit plans and testing programs.
  • Regulatory Compliance: Ensure compliance with relevant regulatory requirements and recommend improvements to corporate policies, procedures, and practices to enhance IT control design and enforcement.
  • Audit Support: Support business audits through integrated or thematic audits by providing technology expertise and evaluating IT controls supporting business operations.
  • Special Assignments: Manage or participate in other ad-hoc assignments, including special projects and investigations.
  • Risk Monitoring: Contribute to continuous monitoring of technology risk areas.
  • Stakeholder Management: Establish and maintain strong relationships with technology stakeholders, including risk management and control groups.
  • Follow-up Tracking: Assist in following up with auditees on outstanding audit findings through the issuance of the Audit Tracking Report and verification of resolved findings.
  • Quality Assurance: Ensure that audit operating standards and procedures are observed, and that the requirements of the Quality Assurance Review are met.
  • Risk Accountability: Take accountability for considering business and regulatory compliance risks and for taking appropriate steps to mitigate them.
  • Trend Awareness: Maintain awareness of industry trends in regulatory compliance, emerging threats, and technologies to understand risks and better safeguard the company.
  • Risk Reporting: Highlight any potential observations or risks and proactively share best risk management practices.

38. IT Audit Manager Responsibilities and Key Tasks

  • Risk Planning: Assist the Director, IT Audit, in identifying and evaluating the company’s audit risk areas and providing significant input into the development and execution of a risk-based audit plan.
  • Control Review: Review policies, procedures, and system controls to ensure compliance with management’s stated objectives.
  • SOX Compliance: Manage and support company efforts for testing SOX 404 compliance in information technology.
  • Audit Execution: Lead and conduct all phases of information technology audits in accordance with department and professional standards.
  • Scope Definition: Determine the audit scope in consultation with the Director of Information Technology Audit and management; prepare detailed audit programs to cover the audit objectives within the scope.
  • Resource Planning: Schedule internal audit staff and/or co-sourcing partners to ensure timely completion of audits.
  • Procedure Execution: Perform and document, in conjunction with other audit staff, all procedures necessary to satisfy the identified audit objectives.
  • Finding Communication: Clearly communicate audit findings to management promptly.
  • Report Preparation: Prepare formal audit reports, including findings, impact, and management’s action plans, for distribution to management and the Audit Committee of the Board of Directors.
  • Action Monitoring: Ensure audit findings receive appropriate management attention and that corrective actions are implemented on time.
  • Integrated Audits: Execute integrated audit planning, testing, and reporting in concert with the core audit team’s project objectives.

39. IT Audit Manager Roles and Responsibilities

  • Audit Delivery: Ensure performance and completion of IT general and application controls audit work for interim and final audit periods in accordance with department milestones.
  • Stakeholder Relations: Establish and maintain solid and trusted working relationships with key Business and IS stakeholders.
  • Workpaper Documentation: Document IT audit workpapers in a clear, concise, and professional manner that can be easily understood by reviewers and target audiences, including various management teams, upon completion of the IT audit.
  • Recommendation Development: Develop recommendations for improvement for issues identified during the audit.
  • Audit Program Management: Manage and maintain IT audit programs and procedures, including updating existing audit programs and developing new audit programs for newly identified IT controls.
  • Risk Assessment: Participate in the annual risk assessment of the control framework review, particularly regarding IT controls.
  • Audit Coordination: Provide PBC items to external auditors.
  • Project Support: Perform other projects, including assistance in financial audits, which may include international and/or domestic on-site audit visits.
  • Team Supervision: Manage IT Auditors and provide guidance.

40. IT Audit Manager Responsibilities and Key Tasks

  • Solution Development: Develop solutions on a variety of engagements through collaboration with the team and clients.
  • Project Management: Actively manage, with a hands-on approach, small project teams for all aspects of an engagement (e.g., planning, budgeting, economics management, execution, reporting, and closure).
  • Process Assessment: Assess business processes and internal control frameworks across a range of industries and assist clients in identifying opportunities to improve efficiency and effectiveness.
  • Business Development: Contribute to business development processes, including research and analysis, proposal development, and working with the engagement lead to create tailored project plans and work programs.
  • Risk Analysis: Analyze risk and process-related information and develop risk management frameworks and metrics.
  • Report Writing: Synthesize fieldwork into well-written and concise reports and presentations.
  • Data Analytics: Design, write, and execute CAATs using ACL Analytics 11 and/or IDEA 10.
  • SOC Engagements: Plan, lead, conduct, and close CSAE 3416 (SOC 1, SOC 2, and SOC 3) engagements.
  • Engagement Leadership: Lead and/or manage multiple complex engagements from start to finish, delivering the planned scope within agreed budgets and timelines.

41. IT Audit Manager Duties

  • Risk Assessment: Identify and assess the risks, root causes, impacts, and mitigation of information technology general controls (ITGC), business cycle controls (BCC), and application control deficiencies.
  • Report Writing: Write reports and present to internal staff and current and prospective clients, including executive summaries, audit findings, and recommendations on control deficiencies.
  • Opportunity Identification: Identify and proactively bring opportunities and solutions to the attention of Senior Managers and Partners.
  • Knowledge Sharing: Continuously share knowledge and actively contribute to developing the TRS team’s knowledge base through participation in learning and development opportunities, professional associations, industry groups, and MNP thought leadership events.
  • Client Engagement: Work with companies across various industries, interact with clients, and develop business process, IT process, and risk management skills.
  • Fieldwork Execution: Lead and/or conduct fieldwork, including client interviews and workshops.
  • Professional Development: Continue professional development to reinforce and expand the chosen career path.
  • Team Leadership: Lead, motivate, mentor, direct, and manage team members.

42. IT Audit Manager Job Summary

  • Audit Execution: Lead and execute IT internal audit projects for clients covering core, emerging, and advanced IT risk areas.
  • Control Analysis: Provide value-added and relevant analyses of an organization’s internal control structure, performance, productivity, and efficiency.
  • Advisory Services: Lead and execute IT Advisory projects in areas such as Internal Controls Certification, Service Organization Controls (SOC) reports, IT security, and testing of automated and manual business process controls.
  • Client Management: Manage client relationships and support client remediation activities.
  • Risk Assessment: Work in a collaborative team to analyze client issues and assess governance, risks, and controls of client environments.
  • Team Supervision: Supervise and coach team members, and articulate observations and recommendations.
  • Practice Development: Assist in the management, development, and growth of the IT Audit practice.
  • Knowledge Management: Maintain up-to-date knowledge of risk frameworks, information security frameworks, industry trends, and compliance practices.

43. IT Audit Manager Essential Functions

  • Audit Planning: Assist the VP, Internal Audit, in preparing the annual audit plan.
  • Audit Universe: Maintain and update the IT Audit Universe.
  • Risk Assessment: Undertake comprehensive planning and risk assessments for each audit assignment to ensure identification of potential business risks.
  • Audit Management: Manage complex audits.
  • Project Management: Perform critical project management duties, including planning, scheduling, coordinating, reviewing, and reporting the work of IT Audit teams, and provide expertise in auditing standards, performance criteria, audit requirements, and information technology.
  • Progress Monitoring: Use project management tools to oversee project progress.
  • Team Supervision: Plan, assign, and supervise the daily activities and work of other auditors.
  • Report Writing: Prepare complex audit reports using advanced writing skills.
  • Program Development: Develop procedures, schedules, priorities, and programs to achieve audit objectives and goals.
  • Advisory Services: Perform advanced, specialized, and/or managerial advisory services related to IT.

44. IT Audit Manager Key Accountabilities

  • Relationship Management: Develop and maintain productive client and staff relationships.
  • Risk Awareness: Stay abreast of changes within the IT department and business operations, assess risk factors, and identify high-risk areas within the organization.
  • Talent Management: Attend and/or conduct internal meetings and participate in the recruitment and hiring of IT auditors.
  • Performance Management: Use the Performance Management System to develop staff goals, monitor progress, and complete year-end performance reviews.
  • Staff Coaching: Coach and mentor staff to achieve or exceed performance goals.
  • Staff Development: Assist staff in identifying development objectives, training opportunities, and creating development plans.
  • Tool Administration: Administer IT audit software and stay updated on vendor changes.
  • Standards Compliance: Stay current with audit professional standards and IT control frameworks, communicate changes to the audit team, and ensure standardized application.
  • Best Practices: Stay updated on IT landscape developments and incorporate best practices into risk assessments and audit procedures.

45. IT Audit Manager Duties and Roles

  • SOX Testing: Perform testing of IT general and application controls for compliance with Sarbanes-Oxley requirements.
  • Audit Execution: Conduct audits or lead audit teams in performing IT audits and reviews of systems, applications, and IT processes, including pre- and post-reviews of system implementations or enhancements.
  • Control Review: Perform reviews of IT management policies and procedures, such as change management, business continuity planning/disaster recovery, and information security, to ensure adequate controls.
  • Risk Assessment: Develop and maintain the IT Risk Assessment under the Director’s oversight, including identifying areas for additional investment and audit focus.
  • Data Analytics: Develop, build, and implement tools to analyze data and improve audit efficiency and effectiveness, including for risk assessments.
  • Analytics Enablement: Serve as a source for analytics that business units can adopt for business insights or continuous auditing.
  • Report Communication: Communicate audit results through written audit reports to enable effective corrective actions.
  • Business Translation: Translate technical IT language into general business language for non-technical report users.

46. IT Audit Manager Job Description

  • Team Leadership: Direct IT Audit staff in executing the Annual Internal Audit Plan, evaluating business processes, and following up on the remediation status of prior audit findings.
  • Staff Development: Lead development planning activities for IT audit staff and conduct annual performance reviews.
  • Report Preparation: Lead IT and audit staff in preparing audit findings, developing recommendations, and writing audit reports.
  • Workpaper Review: Perform management review and sign-off of IT audit staff workpapers.
  • Stakeholder Liaison: Act as the Internal Audit Department liaison to IT Leadership.
  • Trend Awareness: Stay current on industry trends and best information technology and audit practices.
  • SOX Execution: Direct IT audit staff in completing annual IT General Controls and IT Application Controls testing in support of the company’s SOX 404 program.
  • Risk Assessment: Identify and assess risks to company IT systems and processes in support of the annual audit risk assessment.

Job Role FAQs

What is a job role?

A job role refers to the duties, responsibilities, and expectations associated with a specific position within an organization. It explains what tasks an employee performs, how they contribute to team objectives, and how their work supports the company’s overall goals.

What are the typical responsibilities of a job role?

Typical job role responsibilities include completing daily tasks, collaborating with team members, making decisions, and meeting performance targets. For example, a software developer may write code, fix bugs, review pull requests, and collaborate with product teams.

What is the difference between a job role and a job title?

A job title is the official name of a position, such as Marketing Manager or Software Engineer. A job role describes the actual duties, responsibilities, and expectations associated with that position.

Why are clearly defined job roles important?

Clearly defined job roles help organizations improve productivity, reduce workplace confusion, and ensure accountability. When employees understand their responsibilities and expectations, teams can collaborate more effectively.

How do job roles support career development?

Understanding different job roles helps professionals identify career paths and the skills required for advancement. By learning the expectations of various roles, individuals can build relevant skills and plan long-term career growth.

Editorial Process

Lamwork content is developed through structured review of publicly available job postings and documented hiring trends.

Editorial operations are managed by Thanh Huyen, Managing Editor, with research direction and final oversight by Lam Nguyen, Founder & Editorial Lead. Content is periodically reviewed to reflect observable labor market changes.

Relevant Information

What Does An Internal IT Auditor Do?
What Does An IT Auditor Do?
What Does A Senior IT Auditor Do?