Job Description – IT Internal Auditor
Job Title:
Reports To:
Direct Reports:
Division
Accreditation/Approval:
IT Internal Auditor
Manager, Internal Audit
N/A
Internal Audit
 URAC
 NCQA
Role and Responsibility:
 Execute Information Technology audits as defined by management and
the Audit Committee;
 Identify and evaluate the organization’s risk areas and provide input to
the development of the annual audit plan
 Perform audit procedures, including planning, inquiry, developing work
plans, testing, and reporting
 Identify, develop, and document audit issues and recommendations
Communicate or assist in communicating the results of audit and
consulting projects to management
 Develop and maintain productive client and staff relationships through
individual contacts and group meetings
 Represent internal audit on organizational project teams, at
management meetings, and with external organizations
 Provide or assist in providing training, coaching, and guidance to internal
audit staff and/or CareSource external auditors in conducting audits and
other audit-related issues
 Draft the scope and objectives for individual audit and prepare audit
programs
 Conduct data extraction, analysis, and security reviews utilizing software
tools
 Support audits and consulting engagements related to programming,
mainframe batch and online processes, client-server architecture,
Internet and intranet functionality, database extraction, technology
strategy, and data communication and network security
 Act as liaison with business partners to ensure full understanding of data
flow, data integrity, and system security
 Assess IT control elements to mitigate IT risks regarding the
confidentiality, integrity, and availability of business information
 Pursue professional development opportunities, including external and
internal training and involvement in professional associations, and share
information gained with co-workers
 Perform any other job related instructions as requested, with reasonable
accommodation
 Regulatory
 Other
FLSA Status:
Job Grade / ID / Date:
Layer Number:
Location:
Status:
Exempt
S16 / IC-0081 / June 2014
n/a/Individual Contributor
Corporate Office – Dayton
Full-time
Education / Experience:
 Bachelor of Science degree in information systems, computer
science, business, or related field or other degree or
equivalent years of experience is required
 One to five years of proven internal audit experience
 Experience/familiarity with a variety of technical platforms,
such as operating systems, databases, networks, firewalls,
web services etc.
 Prefer experience in healthcare or insurance field
 Prefer Sarbanes Oxley 404 or Model Audit Rule experience
 Prefer proficiency in information technology control concepts
and systems development methodologies.
 Proficient in Microsoft Office tools
 Ability to quickly and independently learn new operations,
collect and analyze complex data, evaluate information and
systems, and draw logical conclusions
 Excellent verbal and written communication skills, including
active listening , negotiation s, and presentation to different
groups
 Ability to establish and maintain harmonious working
relationships with co-workers, staff and external contacts, and
to work effectively in a professional team environment
 Ability to maintain composure under pressure while meeting
multiple deadlines
 Ability to identify ‘root causes’ of issues and develop
appropriate recommendations
 Knowledge of audit principles and IIA Standards and Code of
Ethics required
 Understanding of information technology governance and
regulatory frameworks (CObIT, COSO, ANSI, etc.) preferred
 Knowledge of industry program policies, procedures,
regulations, and laws (HIPAA, HITECH, Ohio Data Breach)
 Proven ability to assess effectiveness of internal controls over
key IT risks, identify significant exposures, analyze
transactions and other management information, and detect
changes in key risks and/or control effectiveness
Required Competencies /
Knowledge / Skills:
Licensure / Certification:
 Internal Audit certification such as the Certified Information
System Auditor (CISA) or other related certification preferred
Key Decision Rights:
Cross Functional
Interactions:




Significant interaction with others in the Department of differing
skillsets (nursing, finance, etc.)
Significant interaction with management and staff throughout
CareSource, including interaction with the senior most levels of the
organization
Ability to work in a matrix environment with responsibility for
multiple deliverables for multiple areas within CareSource
Accountability:
Working Conditions:

 General office environment and required to use general office
equipment such as telephone, photocopier, fax machine and
personal computer
 Perform reasonable travel related duties up to 25%, including
possible overnight travel
The statements contained herein describe the essential functions of this position and is not an all-inclusive listing of work requirements. Individuals may perform other duties as assigned, subject to reasonable accommodation.
Confidential and Proprietary