This job posting isn't available in all website languages

(While navigating through the site, please be sure to disable your pop-up blocker.)

Audit / Compliance
133815 Requisition #
Sign Up for Job Alerts

The Internal Audit IT Audit Manager is responsible for providing the strategic vision for, and managing the essential activities of, all IT internal audit activities at MD Anderson Cancer Center. The IT Audit Manager will manage and conduct IT and other audits and provide guidance and direction for the completion of a comprehensive IT internal auditing activity in accordance with all applicable standards.


Strategic Vision and Management of IT Audit Operations  

  • Collaborates with the Vice President and Chief Audit Officer and the Executive Director and Deputy Chief Audit Officer to provide a strategic vision for the IT Audit operations.
  • Responsible for all IT internal audit activities, serving as the strategic liaison with senior management and the UT System on IT audits, IT consulting projects, and other IT advisory engagements.
  • In collaboration with the Executive Director and Deputy Chief Audit Officer, provides leadership and oversight by performing the following:

-  Provides oversight and guidance into the development of the scope and procedures based upon a project risk assessment, performed by the IT Audit co-sourced vendor. 

-  Functions as a strategic liaison with co-sourced IT Audit firm on all their engagements, as well as with management before, during, and after engagements.

-  Monitors co-sourced vendor’s project deadlines to ensure completion of the IT projects on each annual Audit Work Plan.

-  Manages and conducts financial, compliance, and operational audits, as necessary, to ensure completion of the Audit Work Plan.

-  Provides guidance and assistance as needed during the course of each engagement to ensure compliance with all applicable standards.

-  Manages multiple priorities and resources.

-  Meets project deadlines and budgets to ensure completion of the Audit Work Plan.

-  Provides IT training to auditors as necessary within the department.


Audit Reporting and Communication with Management 

  • Conveys information clearly and concisely through both formal and informal documents; adapts writing style to fit the audience. 

  • Translates technical IT audit findings into non-technical audit language.  

  • Prepares reports that are timely, supported by sufficient evidence in the work papers, and in compliance with applicable standards.  

  • Works closely with co-sourced IT audit firm on reports, serving as the departmental reviewer to ensure that reports are consistent with expectations and are supported by audit evidence.  

  • Keeps the client and Internal Audit Management apprised of issues throughout the audit. 

  • Fosters long-term partnerships with all levels of management.  

  • Represents Internal Audit in a professional manner at all times, including presenting audit results to the Audit Committee.  

  • Collaborates with management to address institutional issues by participating on various committees.

Departmental Activities  

  • Collaborates with management, the IT Audit co-sourced vendor, and the Executive Director and Deputy Chief Audit Officer to identify and assess existing and emergent risks facing the institution.
  • Provides guidance to all levels of management on solutions necessary to mitigate identified risks.
  • Participates in annual risk assessment and work plan activities.  
  • Leads Request for Proposal (RFP), evaluation, and selection of IT Audit co-sourced vendor to supplement IT audit activities.
  • Conducts annual performance assessment of co-sourced vendor ensuring compliance with contract provisions; develops and monitors corrective action.
  • Assists in developing and implementing department procedures to ensure adherence to the professional standards.   
  • Proactively advances integrated IT auditing concepts and use of technology to improve the overall audit function.  
  • Provides formal updates to UT System and the Institutional Audit Committee on the status of all IT audit recommendations.
  • Performs internal quality assurance reviews related to IT activities to ensure all work is conducted in accordance with auditing standards.  
  • Serves as the IT expert for the Department.
  • Manages recommendation/finding tracking and validation for IT-related recommendations, and others as assigned.  
  • Manages quality assurance activities related to IT audits, and others as assigned.

Human Resource Administration

  • Manages and oversees the IT audit activities performed by all professional staff assigned to audit engagements, investigations, consulting and special projects.
  • Collaborates with the VP&CAO and the Executive Director and Deputy Chief Audit Officer in the recruiting, hiring decision, and orientation of new professional audit staff.
  • Oversees the performance of team members assigned to perform IT audit activities and take necessary actions to support their development from and IT perspective.

Financial Management

  • Provides backup stewardship over funds budgeted for Internal Audit by monitoring and approving expenditure transactions for the co-sourced IT Audit vendor.



Required: Bachelor's degree in Business Administration, Information Technology, or a related field.


Required: Six years of professional IT experience, to include three years of audit experience and three years of supervisory or management experience.


One of the following is required:

  • Certified Professional in Healthcare Info and Management Systems (CPHIMS) by the Healthcare Information and Management Systems Society (HIMSS)

  • Certified Information Systems Security Professional (CISSP) issued by the International Information Systems Security Certification Consortium (ISC)

  • Certified Information Systems Auditor (CISA) By the Institute of Internal Auditors (IIA)

  • Certified Internal Auditor (CIA) by the Institute of Internal Auditors (IIA).

It is the policy of The University of Texas MD Anderson Cancer Center to provide equal employment opportunity without regard to race, color, religion, age, national origin, sex, gender, sexual orientation, gender identity/expression, disability, protected veteran status, genetic information, or any other basis protected by institutional policy or by federal, state or local laws unless such distinction is required by law. http://www.mdanderson.org/about-us/legal-and-policy/legal-statements/eeo-affirmative-action.html

My Submissions

Track your opportunities.

My Submissions

Similar Listings

United States, Texas, Houston, Houston (TX Med Ctr)

📁 Audit / Compliance

Requisition #: 130514