IT and Information Security Audit Expert

This section describes the main duties and responsibilities to give a complete and accurate picture of the job. • Implement administrative policies and procedures and adhere to agency policies to ensure desired administrative outcomes. • Review the policy manual and internal audit process procedures, compare them with best practices, and ensure they meet the agency’s objectives. • Develop the internal audit plan for information security based on risk assessment results. • Conduct internal audits according to the approved audit plan, submit reports and recommendations to senior management, and follow up on their implementation. • Evaluate and monitor the effectiveness of operations and compliance with the agency’s internal policies, procedures, and controls in the area of IT and information security. • Follow up on the implementation of recommendations and directives resulting from internal audits. • Prepare periodic reports on the department's achievements and issues, provide suggestions for development, and submit them to the direct manager. • Perform any other tasks assigned by the direct manager within the scope of job responsibilities.