IT Compliance Analyst Job Description

The IT Compliance Analyst is responsible for conducting testing that evaluates the
established internal controls designed to manage the Company’s most significant risks.
This position will assist the IT Compliance Manager and Senior Compliance Analyst in the
performance of the annual SOX and PCI testing, developing test steps to evaluate
controls, and gathering/analyzing information as necessary to evaluate the effectiveness
and adequacy of the controls.
The Compliance Analyst will also be responsible for documenting test results and the oral
and written communication of the test results. In this role, the Compliance Analyst will be
active in the day-to-day performance of the IT SOX and PCI testing requirements and
completing the work on time and in a quality manner. The Compliance Analyst will also be
responsible for implementing audit testing methodologies and actively participating in
departmental project activities.
Responsibilities:
Conducting Testing
• Applies basic knowledge of IT, Operations, Finance, and Analysis to ensure efficiency
throughout the testing engagements. Utilizes internal resources to assist when compliance
testing topics require intermediate to advanced knowledge.
• Documenting processes via process maps and flowcharts.
• Ensures in-scope risks and controls are identified in the project risk assessment during
the planning phase and are appropriately evaluated and tested.
• Identifies key control points within a process/activity and develops test steps designed
to evaluate the adequacy and effectiveness of those internal controls.
• Demonstrates knowledge of the tested process and understanding of how interactions
and control failures impact the business objective.
• Ensures the accuracy and consistency of information relied upon throughout the testing
process (e.g., flowcharts, risk assessment, workpapers, and report).
• Identifies developmental opportunities and provides timely, candid, and constructive
feedback throughout the testing period.
• Discusses project expectations and communicates effectively throughout the testing
engagement.
• Seeks out and utilizes training on different audit testing and analytical tools.
• Possesses a detailed understanding of process flow and risk assessment and provides
meaningful guidance to all project teams.
Testing and Evaluating Controls
• Implements testing in accordance with Lowe’s methodology and ensures testing
milestone dates are met and projects are completed on time.
• Evaluates testing results to ensure procedures and findings adequately address risks and
expands testing procedures to address any new risks identified.
• Documents weaknesses in control design based on analysis performed and writes formal
test result reports with the level of quality necessary for an executive audience.
• Assesses whether internal controls are properly designed, implemented, and working
effectively with limited supervision.
Facilitating Testing Processes and Communicating Results
• Provides input on staff assignments and workloads based on skills and developmental
needs.
• Manages client relationships professionally by maintaining consistent dialog and open
communications throughout the testing process.
• Hosts periodic updates to keep the client “in the loop” of potential concerns
• Facilitates on-going, open dialogue with internal project team to encourage
communication so information and ideas from multiple viewpoints are shared
• Communicates project status, concerns, or issues to management and/or client in a
timely manner.
• Provides timely feedback if documentation is not relevant, thorough, accurate, and/or
adequately supported.
• Assists in the development of research skills amongst team members. Coaches others
on regulations impacting the process under review.
• Determines when it is appropriate to implement the use of CAATs during the testing
process.
• Provides input and guidance on construction of statistical models and interprets results
and assumptions
Business Influence
• Meets or exceeds customers’ expectations, looks for ways to improve their experience,
while creating a seamless experience by understanding how the Compliance Analyst role,
team goals, and daily activities fit into the company vision
• Drives for results by consistently achieving goals and pushing to complete tasks by their
deadlines
Collaboration with Others
• Works cross-functionally to manage and organize work processes and ensure most
efficient work flow
• Supports a collaborative environment by working in a team of peers to solve problems
and shares information with peers, manager, and customers as appropriate
Self-Development
• Organizes resources and information in an efficient manner to handle competing
demands and accomplish what needs to be done
Qualifications:
Required Minimum Qualifications:
• Bachelor’s Degree in Accounting, IT, or similar field OR 4 years of work experience in IT
• Certified Information Systems Auditor (CISA)
• 1+ years of IT audit (internal/external) experience or relevant business experience
• Demonstrated experience performing IT audits
Preferred Qualifications:
• Master’s Degree in business-related field
• PMP, CISSP, CFE, or CIA certifications
• PCI QSA or ISA
• Retail business experience