Job Description :
Responsibilities
BASIC PURPOSE: Perform information technology ("IT") audits and reviews of the organization
for efficiency, economy and effectiveness in accordance with accepted internal auditing
standards and Control Objectives for Information and Related Technology ("COBIT" Discuss
audit results with management and prepares written audit reports. Participate in the
documentation, testing and remediation phases related to IT in compliance with Section 404 of
the Sarbanes-Oxley Act of 2002.
POSITION RESPONSIBILITIES:
Execute detailed audits of IT systems and infrastructure to verify that systems are secure and
support the related applications/business processes.
Independently develop audit programs, evaluate system controls, document audit results, make
recommendations, and communicate findings to Internal Audit and senior management.
Prepare and present comprehensive reports on the results of IT audits and special projects to
Internal Audit and senior management.
Present and communicate complex technological issues in a clear, concise and effective
manner to technical and non-technical audiences.
Maintain internal control programs and documentation based on requirements under the
Sarbanes-Oxley Act for IT general controls and business application controls.
Design, document, test and assist in remediation of IT process controls in a wide range of
environments, including policies and procedures that address key areas of an IT organization,
including system development, change management, network security, operations, and
segregation of duties.
Assist in the identification of risks as part of the risk management process, including business
continuity and disaster recovery planning.
Provide support to internal and external audit teams as required.
Maintain or acquire sufficient knowledge of authoritative and regulatory issues governing
information technology, auditing, maritime matters or other fields as required to complete audit
assignments.
Perform special projects relating to IT and hotline investigations as requested by management.
Perform other job related functions as assigned.
EDUCATION: Bachelor''s Degree in Information Technology, Computer Engineering,
Accounting or related field of study; or any equivalent combination of relevant background, skills
and experience. Certified Information Systems Auditor (CISA), Certified Public Accountant
(CPA), Certified Internal Auditor (CIA), Certification in Control Self-Assessment (CCSA),
Certified Fraud Examiner (CFE), or any other certifications strongly preferred.
EXPERIENCE: Minimum 2 years of IT audit experience to include at least 1 year of Sarbanes-
Oxley implementation experience in a large company and/or similar industry. Supervisory
experience preferred.
KNOWLEDGE & SKILLS: Working knowledge of data center operations (Windows and Unix),
Windows networking, Oracle database management, internet technology, ERP systems
(PeopleSoft), and Microsoft Access database preferred. Knowledge of or ability to learn
reservation/booking systems (Freestyle Connect), property management systems (Fidelio),
maintenance report order systems (AMOS), and marine inventory systems (MXP Ability to
work independently and complete projects from the planning phase to issuance. Strong
knowledge of IT general controls and business application controls. Familiarity of COBIT
preferred. Knowledge of authoritative and regulatory issues governing IT, auditing, maritime
matters or other fields required to complete audit assignments. Strong analytical, problem
solving and organizational skills to manage daily functions with team members at all levels.
Excellent communication skills, both written and oral, to present findings and make sound
recommendations. Good interpersonal skills in order to develop and maintain good working
relationships with shoreside and shipboard team members. Approximately 15% of travel time is
required to support the execution of shipboard, European office and other IT audits.