Not Authorized
You are currently not authorized to access this section.
Please contact your Administrator to change your authorization settings.
Please contact your Administrator to change your authorization settings.
IT Application Controls SOX Audit Lead
Frisco, TX
Job Description
SOX Information Technology Application Controls (ITAC) Audit Lead
The Enterprise Controls & Governance Group is responsible for Comerica's compliance with the provisions of Section 404 of The Sarbanes-Oxley Act of 2002 ("SOX"), and ultimately, providing certification that our internal control environment is operating effectively. The group reports administratively to the Chief Accounting Officer and works closely with key stakeholders across business units, corporate functions, technology, and the second and third lines of defense.
The SOX ITAC Audit Lead is responsible for comprehensive reviews of IT Application controls and data flows to ensure appropriate controls and procedures are in place and operating effectively.
Position Responsibilities
Develops testing processes and procedures in alignment with SOX frameworks and PCAOB guidance and conducts baseline review activities.
- Design and execute testing plans and scripts to evaluate the effectiveness of IT Application Controls, Interfaces, and key reports.
- Review the design and operating effectiveness testing of key application and interface controls and communicate the exceptions.
- Provide guidance to a team of control testers (internal and outsourced) ensuring the quality of documentation and testing standards.
Actively participate in the walkthrough of IT Application Controls and Interfaces, including the preparation of agendas and request lists, and documenting interface diagrams to assist in the scoping of key-controls.
Provide subject matter expertise on ITAC evaluation for risk assessment processes and assist with the SOX scoping and the identification of risks and controls.
Reports on control testing results and key themes to management reflecting trends, emerging risks, strengths, and weaknesses.
- Identifies and escalates issues for remediation. Advises on how to remediate any control deficiencies/failures, proposing solutions to root causes of identified conditions.
- Validates remediation of control deficiencies and issues, including sustainability.
- Develop and execute reporting on ITAC effectiveness and identify and escalate issues for remediation. This includes assisting in the remediation efforts of control deficiencies by maintaining progress tracking, communication with key stakeholders, and reporting in Workiva and Archer.
Assist the ERCG group in the review or testing of IT General Controls, Business Process Controls, and other related SOX activities.
Position Qualifications
- Bachelor's degree in Finance, Accounting, Accounting Information Systems, or Technology/IT from an accredited university or a High School Diploma or GED and 6 years of Risk Management or other related experience in the Financial Services Industry
- 5 years of Public accounting or large company IT or internal audit, risk, or compliance experience
- 4 years of Risk Management, IT and/or Financial Audits, SOX, or compliance experience
- Workiva and Archer experience preferred
Licenses & Certifications
- Certified Information Systems Auditor (CISA) required
- Certified Internal Auditor (CIA) preferred
- CPA (Certified Public Accountant) preferred
Comerica is proud to be an Equal Opportunity Employer - veterans/individuals with disabilities, committed to workplace diversity.
Job Summary
Start Date
As soon as possible
Employment Term and Type
Regular, Full Time
Required Education
High School or Equivalent
Required Experience
6+ years
Email this Job to Yourself or a Friend