As IT Auditors we are responsible for performing the analysis and evaluation of processes and controls within information systems and related infrastructure to determine their effectiveness, integrity and regulatory compliance. We communicate our findings and system testing to senior management and the Board within organisations.

Where companies are undertaking new system implementation projects, we will often assess the governance of the project, determining if there are issues with keeping to budget or delivery timescales. Furthermore, we evaluate whether there are any data integrity concerns from migration activities.

Over recent years, we have seen a rise in cyber attacks at organisations and we have supported audit teams understand the impact of data loss on the audit. 

Why IT Audit?

One of our IT Auditors, Alex, shared with us why he likes working in IT Audit at Grant Thornton, what keeps it interesting for him and advice for others thinking about a career in IT Audit at Grant Thornton. 

IT Audit offers an opportunity to develop an understanding of financial audit whilst gaining a deep knowledge of IT applications, technologies and cyber security.

You will also be given a choice to pursue various IT associated professional qualifications, in addition to ACA. Examples of qualifications that our current team members have include CISA, CISM, CRISC, CGEIT, CEH, CISSP and CLPTP.

Working for IT Audit will mean working in an agile way with adjusting to many different situations whilst analysing software solutions. At Grant Thornton, we encourage our teams to provide recommendations to senior management both internally (financial audit teams) and externally (organisations) across our vast private and public client base. This helps our teams to get this early exposure to Audit Committees, Boards and Directors in order to develop their communication skills and learn how different industries work.

You will develop an up-to-date and in-demand knowledge in areas such as:

• Compliance with Auditing standards, laws and regulation
• Assessing privileged assess rights within applications and whether these lead to segregation of duty conflicts
• Change and incident management with associated oversight of vulnerability and penetration testing
• Assessing system interfaces and organisational ability to maintain complete and accurate financial data
• Examining client-connected database and networks
• Assessing the new system implementation for risks such as the integrity of data
• Organisational cyber security solutions and best practice recommendations
• Performing data analytics with data visualisation tools such as KNIME and Alteryx
• ERP systems such as SAP, Oracle and Microsoft Dynamics

What are we looking for in people?

We’ve got a flexible approach to academic entry requirements, and we’ll consider these alongside your strengths and motivations.  We are particularly interested in hearing from those with a strong interest to build a career in IT and cyber security. 

Qualifications or work experience from fields such as computer science, business management, management of information systems, accounting or finance would be most preferable to take on this role and would be an invaluable asset for your career development.

Where can this career take you:

IT Audit will provide you with an in-depth knowledge of IT systems as well as broadening your skillset of report writing and communicating to senior management. These are transferable skills whether you are looking to further your career in IT Audit, move into Internal Audit or other IT consultancy practices.