Reporting to the Chief University Auditor, the Internal Audit Director, Information Technology position exists to create, maintain, and execute a comprehensive information systems audit program for Brown University. Â This position will direct the planning and execution of information technology audits and advisory engagements. Â The Internal Audit Director, Information Systems will conduct risk assessment and audit planning including responsibilities for developing and maintaining the IT Risk assessment in collaboration with the Chief University Auditor.
The technology audit include examining the effectiveness, efficiency, and maturity of the Universityâ™s information privacy and security controls, as well as technology business process evaluations, through the use of data analytics and traditional internal audit methodologies. This position will design and implement written audit procedures and programs, including authoring written reports to University management. Responsibilities include analyzing data, identifying trends, and interpreting and presenting results periodically and ad hoc to various levels of management. The Internal Audit Director will work with multiple clients in a highly collaborative matrix team environment.
Direct the planning and execution of information technology audit and advisory services for Brown Universityâ™s internal audit function embedded within the Universityâ™s Risk, Audit and Compliance department. Assigned engagements are identified within the annual Internal Audit Services workplan approved by the Committee on Risk and Audit.Â
Conduct work in accordance with Internal Audit Services Standards and professional standards issued by the Institute of Internal Auditors.
Prepare draft reports and communications to University management of the results of work, conclusions and any process improvement opportunities.
Direct follow up work and advise on corrective actions completed by management.
Conduct ongoing risk assessment and audit planning efforts to ensure adequate coverage of University information technology risks. Continuous documentation of same within the audit universe framework of risks and controls. Â
Responsible for developing and maintaining the IT Risk Assessment under the oversight of the Chief University Auditor; including identifying areas where business units should consider additional investment and areas internal audit should focus.
Provide Business and IT management with guidance on IT risk management matters, particularly on application and infrastructure security.
Participate in the strategic growth of Internal Audit Services in the enhancement of its methodology, approach, and models to provide internal audit services at Brown University.Â
Maintain a current universe of auditable information technology entities.
Develop, build, or implement tools to analyze data to improve audit efficiency and effectiveness, (including for risk assessments).
Ultimately be a source for analytics that business units adopt to provide business insights or for continuous auditing.
Bachelor's degree, preferably with a concentration in information technology, finance, accounting, or related field.
Minimum of seven to ten years of experience in information technology internal auditing and/or consulting, preferably in an education or nonprofit organization.
The ability to incorporate the mission of the University and its Â computing environment within a continual risk assessment of a comprehensive information systems audit universe.
A solid understanding of the concept of governance, risk and controls; information security; and project management is essential.
An understanding of information technology management practice or security frameworks (e.g. NIST, ITIL, ISO, etc.) and their application within a complex, distributed, research intensive environment is strongly desired.Â
Possession of (or the ability to obtain) professional certification is desirable (e.g. CISA, CISSP, CPA, CIA, etc.).
Proven analytical ability to assess information system compliance against internal standards and policies, as well as all pertinent external regulatory requirements (e.g. FERPA, HIPAA, GLBA, PCI, etc.).
A working knowledge of electronic audit tools and data analytic concepts (e.g. ACL, R, Cognos, etc.) is preferred.
Must demonstrate strong analytical, interpersonal, and verbal and written communication skills and the ability to communicate effectively.
Must be able to build and nurture working relationships and effectively convey technical information to stakeholders, including executive level management.
Ability to plan, administer, and summarize audit engagements, including the establishment of audit plans, timelines, progress reports, and remedial action documentation and tracking.
Demonstrated ability to support a community of diverse perspectives and cultures in an inclusive environment.Â
Background Check: Â Criminal & Education background check satisfactory to Brown University.
Recruiting Start Date:
Job Posting Title:
Internal Audit Director, Information Technology
Internal Audit Services
Scheduled Weekly Hours:
Please note that in order to be considered an applicant for any staff position at Brown University you must submit an application form for each position for which you believe you are qualified. Applications are not kept on file for future positions. Please include a cover letter and resume with each position application.
Brown University is committed to fostering a diverse and inclusive academic global community; as an EEO/AA employer, Brown considers applicants for employment without regard to, and does not discriminate on the basis of, gender, sex, sexual orientation, gender identity, national origin, age, race, protected veteran status, disability, or any other legally protected status.
Internal Number: REQ169415
About Brown University
Located in historic Providence, Rhode Island and founded in 1764, Brown University is the seventh-oldest college in the United States. Brown is an independent, coeducational Ivy League institution comprising undergraduate and graduate programs, plus the Alpert Medical School, School of Engineering, Executive Master of Healthcare Leadership and the IE Brown Executive MBA.