Manager, Internal Audit - IT

Manager, Internal Audit – IT

What Internal Audit-IT contributes to Cardinal Health

Internal Audit - IT is responsible for conducting IT systems audits of networks, databases, systems, applications and other IT components to ensure compliance with policies, procedures, regulations and laws. Evaluates and recommends improvements to business practices, processes and control procedures. Closely aligns with Internal Audit - Finance to provide an integrated understanding of how IT risks impact financial and operational processes.

  • Applies knowledge of auditing and internal control concepts to evaluate IT networks, databases, systems, applications and other IT components.

  • Demonstrates knowledge of IT systems design and architecture, process flows, IT transformation projects and process documentation and internal control identification.

  • Leverages project management skills and audit experience to define audit testing plans, execute and document internal controls testing, and document testing results and related audit findings.

  • Demonstrates strong interpersonal skills to interact with others in a constructive manner that builds trust.

  • Clearly and accurately documents IT systems design and architecture, IT operational processes and related audit findings.


  • Mentor and develop a team of 3-4 IT auditors

  • Assist in planning, execution and reporting on a portfolio of multiple, simultaneous audits;  collaborate closely with financial, operational and IT teams as well as compliance and risk functions

  • Perform IT audits in accordance with methodology requirements and related industry standards to ensure controls are implemented appropriately

  • Draft reports and executive summaries on IT control issues for senior management

  • Coordinate with action plan owners across the organization to drive resolution of findings

  • Provide insight and assessment of information technology risk including strategic, cybersecurity/information security, privacy, financial reporting, and operational risks, and consult with IT and enterprise risk management functions

  • Convey IT concepts and observations in simple language for business leaders and non-technical users to understand

  • Lead departmental functions and initiatives including internal audit technologies, data analytics, and continuous improvement programs


  • Bachelor's degree in related field, or equivalent work experience, preferred

  • 5+ years experience in IT audit preferred

  • 2+ years of management experience with direct reports preferred

  • Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), and/or Certified Public Accountant (CPA) certifications preferred

  • Strong understanding of IT processes and infrastructure including network, business applications, servers, databases, and middleware; ability to evaluate systems, security governance, IT transformation projects, and related risks

  • Experience using and supporting internal audit and risk management software preferred

What is expected of you and others at this level

  • Manages department operations and supervises professional employees, frontline supervisors and/or business support staff

  • Participates in the development of policies and procedures to achieve specific goals

  • Ensures employees operate within guidelines

  • Decisions have a short term impact on work processes, outcomes, and customers

  • Interacts with subordinates, peer customers and suppliers at various management levels may interact with senior management

  • Interactions normally involves resolution of issues related to operations and/or projects

Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.

Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.