BizzSecure

Joseph Duah

Joseph Duah

Experience Summary

A Senior IT Audit Manager is responsible for overseeing and leading IT audit engagements, assessing risks, developing audit scopes and plans, performing and reviewing audit procedures, and preparing detailed reports on audit findings. This role requires collaborating closely with IT and security leaders, ensuring compliance with internal and regulatory controls (such as SOX), and supporting the development and management of IT audit staff. Senior IT Audit Managers play a critical part in identifying control weaknesses, recommending improvements, and helping organizations protect their information assets and manage risk effectively. ## Key Responsibilities - Assess IT and information security risks, develop audit scopes, and perform risk-based audits across applications, data, and infrastructure. - Oversee execution of audit plans, manage audit staff, and guide their professional development. - Conduct audits to ensure compliance with regulations (e.g., SOX ITGC), internal policies, and best practices. - Prepare clear, comprehensive reports summarizing audit results, findings, and recommendations for process and control improvements. - Collaborate with external auditors and IT stakeholders to coordinate audit activities and share findings. - Keep up to date with emerging IT risks, audit standards, and new technologies relevant to the business. ## Required Skills and Experience - Extensive experience (typically 7–12 years) in IT, information security, or related audit roles, with several years in a leadership or management position. - Strong knowledge of IT systems, cybersecurity practices, internal controls, risk management, and regulatory frameworks. - Professional certifications such as CISA, CISSP, CIA, or CPA are often highly desired. - Ability to communicate complex issues clearly and present findings to both technical and non-technical management. > This role is crucial for strengthening an organization’s IT governance framework and ensuring that IT risks are appropriately managed and mitigated.