Jobs .. Science .. Information systems auditor, IT auditor
Education programmes of job
Computer Engineering
IT Engineering

Nature of work

An information systems auditor combines the analytical skills of an auditor with the technology expertise of an information technology, or IT, professional. Professionals interested in this work should have strong operational audit skills and an understanding of the computer technology components he/she will analyze. He/she conducts audits of computer systems and technical environment, analyzes data for the adequacy and effectiveness of system integrity, accuracy, security and control. He/she presents conclusions and recommenda­tions to management for information security, costs reductions and operational improvements. He/she  participates from the audit viewpoint in the development of new computer systems, advises the development team on information control and security issues. Also, he/she  performs audits of information systems controls including data integrity, backup and disaster recovery, data communication and database administration. He/she prepares formal written reports, findings and recommendations. He/she performs special reviews, investigations, and projects upon request by management.

Environment of work

An information systems auditor works directly for an organization, or he/she works as consultants. Consultants can be self-employed or work for an information technology firm. Although technological advances have made telecommunication systems more common, many consultants still need to travel to see his/her clients. The assignment can vary with the complexity of the job. Most auditors work in a basic office setting. Most auditors normally work a 35-40 hour week.

Professional life

Most beginning auditors are required to work closely under a more experienced auditor before being fully trusted with the huge workload of an experienced auditor.
Job applicants with a background in business may have better prospects because this occupation often requires knowledge of an organization’s business needs. An understanding of the specific field an analyst works in is also helpful..
Range of typical starting salaries: 40000 SYP.

Getting the job

A Bachelor’s degree in computer science, accounting, business administration, finance, or a closely related field from an accredited college or university.

According to the Institute of Internal Auditors, as computer technology continues to develop and alter the business environment, the need for knowledgeable IT audit professionals will continue. Those interested in this field and lack a computer science degree are encouraged to pursue or obtain other technology training.
There are some certifications exist for IT auditors and to obtain one he/she must pass an exam. As of publication, the current industry standard for IT audit professionals is the Certified Information Systems Auditor, or CISA, administered by ISACA, a globally recognized IT certification organization. ISACA has another certification for those that oversee a company’s information security : Certified Information Security Manager, or CISM. The Certified Information Systems Security Professional, or CISSP, is an independent information security certification administered by the International Information Systems Security Certification Consortium, which also provide security training on IT assets.

Skills

An information systems auditor must be excellent in mathematics, finance, management, marketing and should be able to analyze, compare and interpret facet and figures quickly. Techniques that need to be performed are examining, questioning, evaluating and reporting. Knowledge and understanding of the basic standards of an auditor and of contracts, purchasing, product design and manufacturing are required.
In addition to having financial/operational audit skills, an information systems must also have computer technology training and/or experience. Auditing information systems requires separate technical skills that permit an auditor to identify system weaknesses and issues. An information systems auditor must be familiar with a variety of IT components, such as networks, data security, encryption, databases, computer applications and IT frameworks. Many IT auditors originally works in the IT department before they began auditing; this can be a natural progression for any IT professional, because it’s easier for him/her to learn and apply new audit skills than for a financial auditor to learn and apply IT concepts.

Sources and references

If you need any further information on what is included in this file, you can visit the following websites:
  •         ‎         www.isaca.org/cisa, Certified Information Systems Auditor (CISA)
  •         Arab Standard Classification of Occupations, 2008, Ed. Arab Labor Organization.

Summary

An information systems auditor studies an organization's current computer systems and procedures and make recommendations to management to help the organization operate more efficiently and effectively. He/she brings business and information technology (IT) together by understanding the needs and limitations of both.
He/she  is someone whose task is to evaluate an organizations financial information system. An auditor normally prepares paperwork according to internal audit policie