Technology Auditor Jobs
As mentioned, a bank’s internal auditors serve many purposes, depending on the size of the bank, the number of business units, and the number of auditors on the team.
Technology auditors serve a more specific purpose. These auditors focus on the financial institution’s technologies, and audit them to make sure they are meeting all federal regulations, banking policies, and to minimize the bank’s risk exposure due to them. For example, a technology auditor who focuses on the bank’s Web-based products will look to make sure the products offered meet federal regulations and banking policies. Then the auditor will also look to make sure that the products and services are programmed and performing so that no confidential information or potential fraudulent transactions can occur.
Another important part of a technology audit is checking the business unit’s backups. In the case of a system crash, regular data backups must be performed so that all information can be restored in a state as close as possible as it was prior to the crash. Business units who are not performing backups or are performing them intermittently or sloppily will hear about it from the technology auditor.
Like other auditors, technology auditors will examine the business unit’s records for a specified time period, perform audit interviews with supervisors and managers, and observe normal operations. This gives them an accurate picture of how that business unit operates on a daily business and if there are any areas for improvement. Not only can correcting these procedures minimize risk for the bank and the employee, it can also improve the bank’s efficiencies.
Once the audit has been completed, technology auditors will return to their offices and compile the information gathered and create an audit report which is delivered to the person in charge of the business unit, as well as that person’s immediate supervisor. It will let the department know what changes, if any, need to be made. If there are serious issues, the regional manager may take steps to correct these immediately. With minor infractions, the business unit will be given a specified time frame to make corrections. In most cases, the auditors do not make follow up visits to ensure that all changes have taken place. Managers are expected to make them. Occasionally, however, if the unit is at major risk, auditors may return to ensure that corrections have been made.
If you are technologically knowledgeable, a detail-oriented person, appreciate accounting, risk management, and good business practices, this may be a great career choice for you. Working conditions are good. However, some travel may be involved.
Overall, the US Bureau of Labor Statistics projects that the need for accountants and auditors will increase greatly over the next several years. In fact, it cites a 22 percent growth rate over the average by the year 2018. This includes accountants and auditors in all business segments, not just those at financial institutions. However, given the increasing desire for accounting transparency and risk reduction, as well as the growth in online banking, this is a growing career field at most banks.
Technology auditors will need to have a bachelor’s degree in accounting or business or in information technology. Some banks prefer Certified Public Accountants or those holding related certifications. Some banks, especially for advanced positions, may require auditors to possess or earn a master’s degree in business administration.
Auditors can earn additional certifications, according to the US Bureau of Labor Statistics. The Institute of Internal Auditors offers the Certified Internal Auditor (CIA) designation to college graduates who have worked for two years as internal auditors and have passed a four-part examination. The same organization also offers the designations of Certified in Control Self-Assessment (CCSA), Certified Government Auditing Professional (CGAP), and Certified Financial Services Auditor (CFSA). To obtain these certifications, auditors must pass the exams and meet educational and experience requirements.
The ISACA also offers a specific certification for auditors who focus on technology. It confers the Certified Information Systems Auditor (CISA) designation upon candidates who pass an examination and have five years of experience auditing information systems. Information systems experience, financial or operational auditing experience, or related college credit hours can be substituted for up to two years of information systems auditing, control or security experience.
Knowledge, Skills, and Abilities
The most important knowledge for technology auditors to possess is extensive knowledge of the technologies they audit. In order to recommend and find areas of potential security breaches and other issues, technology managers must know how potential hackers and criminals could break into the bank’s technology systems. That means he or she must have detailed knowledge of how certain technologies work, especially those that are “online.”
The technology auditor also needs to be very familiar with banking policies and procedures, as well as federal regulations governing all banking transactions. He or she needs this knowledge in order to determine if the bank is not meeting the regulations or if the bank’s policies are not complying with all of them and need to be revised.
Technology auditors must be sticklers for details. No detail can be overlooked or omitted. The technology auditor needs to be thorough, organized, and systematic. Since technology auditors need to work with different people in different business units, they should also have very strong communication skills, including strong writing skills. They should be comfortable working as a team. They should also be comfortable delivering less than favorable information to business units when the occasion arises.
Technology auditors working for large banking institutions can earn a higher average salary than auditors working for accounting firms, government agencies, and smaller banks. According to the U.S. Bureau of Labor Statistics, accountants and auditors earn an average of approximately $59,000 per year, and this is also the average salary for technology auditors. More senior technology auditors can earn as much as approximately $100,000 per year, or more, depending on the location of the bank, according to Salary.com.
Potential Career Paths
Of the different kinds of internal auditors, technology auditors have a narrower career path. Because they focus on technology, rather than on overall business operations, they are less likely to be promoted to higher level positions. Depending on the size of the bank, there may be various levels of technology auditors. Entry level technology auditors can work their way up through the ranks to become level II, III, IV, and higher auditors. They can also become supervisors and managers.
However, once the successful technology auditor has risen to the top of the department, he or she may have limited promotional opportunities from there. To further advance, the technology auditor may need to transfer to a larger company, or start his or her own auditing or consulting business.