IT Audit Intern
Description:
Schedule: Part-time
What You’ll Do:
The IT Audit Intern position is a learning-focused opportunity designed to provide hands-on experience in operational and information technology audits, internal control assessments, and audit analytics within a statewide environment. Under close supervision, you will assist the Office of Internal Audit (OIA) teams with planning, fieldwork, documentation, and follow-up related to risks and controls across multiple agencies. Key responsibilities include:
Supporting IT audit planning and fieldwork (e.g., gathering artifacts, performing control walkthroughs, documenting test procedures and results) for engagements related to IT risks and controls such as identity/access management, configuration management, and system change control.
Preparing and updating audit workpapers and issue logs; contributing to remediation tracking and follow-up activities in OIA tools.
Assisting with control testing (e.g., user provisioning/deprovisioning samples, periodic access recertifications), including data collection and exception tracking.
Attending and preparing meeting notes and status summaries; participating in team meetings and stakeholder interviews; following up on assigned tasks.
Contributing to report drafting by synthesizing evidence, observations, and recommendations aligned to OIA methodology and standards.
Shadowing experienced auditors to learn about enterprise technology governance, operations, and risk management within the State of Ohio environment.
This is a 6-month to 1-year internship opportunity, starting no earlier than June 2026. Interns will work at least 10 hours per week in our downtown Columbus office. If selected, the primary workdays can be mutually agreed upon; we can work with your schedule.
What We’re Looking For:
Education: Currently enrolled (or recently completed) in an undergraduate program in Information Systems/Technology, Cybersecurity, Data Analytics, Accounting/Information Systems, or related field.
Relevant Coursework: Audit, IT security, cybersecurity, data analysis, or information risk management. Familiarity with security frameworks (e.g., NIST 800-53, CSF 2.0), identity and access concepts, or IT Service Management tools (e.g., ServiceNow) helpful but not required.
Strong written and verbal communication skills for success in a collaborative team environment.
Excellent organizational skills and attention to detail.
Ability to work independently with guidance.
Interest in audit, risk, and controls.