IT Internal Audit Program Manager

February 11

Apply Now

Receive Emails with Similar Jobs

Bon Secours Mercy Health

WebsiteLinkedInAll Job Openings

Bon Secours Mercy Health is a leading health care organization committed to transforming health care delivery and services through strategic innovation and compassionate care. Operating hospitals and clinical sites in the U. S. and Ireland, the organization focuses on extending health care access, improving patient outcomes, and enhancing value through emerging technologies and strategic partnerships. With a commitment to service and stewardship, Bon Secours Mercy Health also prioritizes enhancing the quality of life for underserved communities while advocating for sustainability. The organization’s initiatives include digital innovation, diversified growth through investments and partnerships, and providing high-value care across its core clinical operations.

10,000+ employees

Founded 2018

⚕️ Healthcare Insurance

📋 Description

• Leads IT internal audit projects according to the audit plan throughout the Ministry, including risk assessment, audit performance, follow-up and ongoing communication of risks, results and mitigation efforts. • Develops appropriate documentation to support audit work performed. • Assesses information security policies and supporting processes and helps ensure IT compliance with regulatory requirements. • Responsible for ongoing communication and collaboration with key partners including (but not limited to) IT, Compliance, Legal, Finance and Revenue Cycle. • Assists in IT risk assessment process and preparation of audit plan that focuses on high-risk areas. • Continuously evaluates the Information Security Program including recommending updates to existing policies and procedures to help ensure they are in accordance with established industry practice and compliant with federal and state regulations. • Applies current internal control conceptual frameworks such as NIST in conducting independent audits according to the audit plan and develops appropriate documentation to support audit work performed. • Audits may include topics such as safeguarding of information, vendor processes to ensure compliance with internal policies, user access controls, business continuity and incident response, etc. • Recommends content for the cyber security training program. • Reviews analytics, responses, and results for training administered to evaluate the effectiveness of the program. • Periodically performs reviews of user access controls and identity access system settings and configurations focusing on standard and privileged accounts to ensure compliance with established policy and guidelines. • Additionally, ensures access is terminated timely upon termination and job changes or transfers. • Measures and tracks the results of audits performed through action plan follow-up procedures. • Assists in the preparation of audit reports for presentations to management and governance; may present findings to management as appropriate. • Communicates and prepares meeting agendas and status reports to facilitate discussion with immediate supervisor and upper management about audit activities in progress and emerging issues in a timely and proactive manner. • Keeps current on IT industry trends and areas of interest through utilization of industry research and knowledge resources. • Displays a commitment to excellence, accuracy and thoroughness in all activities, and searches for ways to improve and promote quality. • Participates in department process improvement efforts.

🎯 Requirements

• Required Minimum Education: Undergraduate Degree; Specialty/Major: Business, information systems technology, information security, accounting or related area. • Required Licensing/Certification: CISA, CPA and/or CIA • Preferred Licensing/Certification: Other technical credentials such as CISSP or CISM • Minimum Qualifications: Five to seven years previous audit experience. • Other Knowledge, Skills and Abilities Required: Mental agility and strong communication skills regarding risk management and internal control issues. • Self-starter able to work independently and efficiently in a partially remote environment. • Ability to understand broad enterprise risks in a complex health system beyond traditional financial audit and controls. • Other Knowledge, Skills and Abilities Preferred: Solid analytical skills with the ability to look at the big picture impact; experience with project management a plus. • Experience with electronic work papers; preferably an audit automated work paper system. • Exposure to data analytics design or construction. • Familiarity with IT General Controls and technical knowledge and experience in network architecture, design, configuration, and implementation. • In addition, IT concepts concentrating on application security and PCI.

🏖️ Benefits

• Comprehensive, affordable medical, dental and vision plans • Prescription drug coverage • Flexible spending accounts • Life insurance w/AD&D • Employer contributions to retirement savings plan when eligible • Paid time off • Educational Assistance • And much more