Under general supervision, identifies, prepares documentation, analyzes, designs, assesses and reports on ITGC and application controls.
Relying on limited experience and knowledge, the Senior InternalControls IT Analyst is responsible for accomplishing the following assignments. These assignments are varied in nature
• Assist HCC management in the enhancement and maintenance of the enterprise risk management and SOX compliance programs. This includes driving change through effective consulting of the business, promoting, monitoring and periodically reporting on the effectiveness of the IT control environment.
• Assist IT management with activities necessary to address open control deficiencies in process of being remediated.
• Work in an advisory capacity with IT management to design and document effective, risk-based, cost-justified ITGC and application controls.
• Perform remote and on-site control reviews for new and existing business units to ensure that ITGC and application controls are accurately documented and maintained.
• Perform targeted, risk-based application and general controls reviews as needed.
• Execute the annual test plan for ITGC and application controls within prescribed deadlines and according to HCC standards. Direct the testing efforts of assigned staff. Report testing results to management and external auditors. Develop complete and accurate work papers to document and support findings and work performed.
• Facilitate IT management’s quarterly self-assessment of ITGC and application controls. Assist with the preparation of quarterly assessments, as needed. Monitor management’s progress in completing assessments to ensure assessment deadlines are met. Provide training and other assistance to IT management as needed. Review management responses to determine if control gaps (i.e., changes and/or self-reported control deficiencies) exist. Conduct follow-up and research, as needed. Document and report final results to Internal Controls management.
• Document and assess the significance of deficiencies in the design and operating effectiveness of ITGC and application controls. Evaluate IT management’s remediation action plans and track remediation efforts.
• Participate in major system implementation and infrastructure projects to ensure appropriate controls are implemented, documented and maintained.
• Participate in special projects as required.