Internal Auditor - Information Systems and Technology
Internal Auditor – Information Systems and Technology
The Area: Morningstar is a leading provider of financial information. Reporting to the Board of Directors, Morningstar’s Internal Audit Services is an independent, objective assurance and consulting activity designed to add value and improve the company’s operations. Internal Audit Services helps the company accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
The Role: Morningstar’s Internal Audit Services seeks a highly motivated Associate IT Internal Auditor who thrives on new experiences and challenges. As an Internal Auditor, you will play an integral role in evaluating the company’s information technology and information security processes and effectiveness of internal controls. You will have the opportunity to work on a variety of operational, information technology, and compliance reviews as well as evaluate the effectiveness of internal controls over financial reporting as part of the company’s Sarbanes-Oxley Section 404 compliance activities. You will work closely with all levels of management across the organization, recommending changes to strengthen controls for increased efficiencies and reduced risks. As an Internal Auditor, you will have the opportunity to utilize and reference world-class audit tools and audit methodologies in the performance of your duties. In this role you’ll report to the Internal Audit Manager – Information Systems and Technology. This position is based in Chicago.
Key Responsibilities
• Assist with the planning and execution of information technology, operational, and compliance related reviews.
• Perform walkthroughs of information technology and information security processes and evaluate the design and effectiveness of internal controls implemented in the IT environment.
• Document work and assist in the preparation of observations and recommendations for corrective action.
• Effectively apply the COSO internal control framework and COBIT IT governance framework.
• Serve as a consultant and business partner with management.
Requirements
• Action-oriented, self-starter with strong verbal and written communication skills.
• Comfortable working both independently or in teams and working within a complex environment.
• Ability to diagnose problems, determine root causes, and recommend solutions to complex challenges.
• Strong knowledge of general computer controls.
• Knowledge of recognized IT audit and governance frameworks such as COBIT, ITIL, NIST, ISO, etc.
• Knowledge of COSO internal control and risk management frameworks.
• Experience in reviewing control activities, process, and policy documentation.
• Undergraduate degree in accounting, management information systems, finance, or a related field.
• One to two years of internal or external audit experience auditing information technology/security controls or internal controls over financial reporting.
• Experience working for a Big 4 or Tier-Two public accounting firm preferred.
• Experience performing data analytics using data extraction and analysis software a plus.
• Professional accreditation (e.g., CISA, CIA, CPA, CFE) desired.
• Willingness to travel to domestic and international offices (25%).