IT Auditor

Position Summary

The IT Project Auditor is responsible for evaluating the planning, execution, and delivery of

IT projects to ensure compliance with organizational policies, standards, and regulatory

requirements. This role involves assessing project governance, risk management, resource

utilization, system security, and overall project performance to provide assurance and

recommendations for improvements. The Auditor will work either as part of an internal team

or for an external audit firm, serving a diverse portfolio of clients.

Key Responsibilities

Conduct audits of IT projects to assess compliance with project management

frameworks, methodologies (e.g., Agile, Waterfall, hybrid), and internal policies.

Evaluate project governance structures, including roles, responsibilities, and decision-

making processes.

Assess IT project risks and controls, providing recommendations to mitigate risks

related to scope, budget, timeline, and technology implementation.

Review project documentation such as business cases, charters, risk logs, testing

plans, change requests, and post-implementation reviews.

Evaluate vendor management practices, contract compliance, and third-party risk in

IT projects.

Assess information security, data privacy, and regulatory compliance (e.g., GDPR,

HIPAA, SOX) in project deliverables.

Collaborate with IT, project managers, and stakeholders to ensure timely remediation

of audit findings.

Prepare clear audit reports highlighting observations, root causes, impacts, and

practical recommendations.

Monitor follow-up actions to ensure resolution of identified issues.

Provide advisory support on project governance, internal controls, and best practices.

Maintain confidentiality and professional ethics at all times.

Qualifications and Skills

Bachelor's degree in Information Technology, Computer Science, Accounting, or

related field.

Professional certifications such as CISA, PMP, CIA, CISM, or CRISC are highly

desirable.

Proven experience in IT project auditing, IT risk management, or IT project

management.

Strong knowledge of project management methodologies, IT governance frameworks

(e.g., COBIT, ITIL), and audit standards.

Familiarity with information security, compliance, and regulatory requirements.

Excellent analytical, problem-solving, and critical-thinking skills

Proficiency in project risk assessment and internal control evaluation.

Excellent attention to detail and a high level of accuracy.

Sensitivity Label: General

Effective written and verbal communication abilities.

Proficiency in audit software and Microsoft Office Suite.

Ability to work independently and as part of a team.