Sr. Analyst, Internal Audit - IT

What Internal Audit-IT contributes to Cardinal Health

Internal Audit - IT is responsible for conducting IT systems audits of networks, databases, systems, applications and other IT components to ensure compliance with policies, procedures, regulations and laws. Evaluates and recommends improvements to business practices, processes and control procedures. Closely aligns with Internal Audit - Finance to provide an integrated understanding of how IT risks impact financial and operational processes.

  • Applies knowledge of auditing and internal control concepts to evaluate IT networks, databases, systems, applications and other IT components.
  • Demonstrates knowledge of IT systems design and architecture, process flows, process documentation and internal control identification.
  • Leverages project management skills to define audit testing plans, execute and document internal controls testing, and document testing results and related audit findings.
  • Demonstrates strong interpersonal skills to interact with others in a constructive manner that builds trust.
  • Clearly and accurately documents IT systems design and architecture, IT operational processes and related audit findings.

Accountabilities in this role

  • Assist in planning, execution and reporting of multiple audits and work closely with financial teams, operations teams, as well as the risk management team.
  • Basic knowledge of IT technologies and concepts with a strong understanding of IT infrastructure including network, databases, and the ability to evaluate systems, and security governance.
  • Coordinate with IT personnel to understand IT systems management processes, and obtain information required for IT control assessments.  Focus areas include, but are not limited to: access, data security, change development and implementation, system support, and system availability.
  • Communicate effectively across various business units verbally and written to ensure data is accurate and detailed
  • Perform IT audits in accordance to various standards and SOX compliance standards
  • Plan and execute IT audit projects.
  • Audit activities include looking at IT systems and related processes to ensure proper controls are implemented
  • Planning and executing audits all the while reviewing results to determine issues and risks
  • Supervise and develop junior auditors in the execution of IT control assessments.
  • Document IT control assessment activities and annotate supporting documentation.
  • Compose audit reports.


  • Bachelor’s degree in related field, or equivalent work experience
  • 2+ years of experience in related field, or Bachelor's degree in related field

What is expected of you and others at this level

  • Applies working knowledge in the application of concepts, principles, and technical capabilities to perform varied tasks
  • Works on projects of moderate scope and complexity
  • Identifies possbile solutions to a variety of technical problems and takes actions to resolve
  • Applies judgment within defined parameters
  • Receives general guidance may receive more detailed instruction on new projects
  • Work reviewed for sound reasoning and accuracy

Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.