Mid-Level

Information Systems Auditor

An auditor focused on information systems controls — testing IT general controls, application controls, change management, access management, backup and recovery, and the technology environment that supports financial and operational processes. Foundational IT audit work.

Career Level

Junior

Mid

Senior

Director

Executive

Work Personality

Conventionalorganizing, detail-oriented

Enterprisingleading, persuading

Based on Holland Code framework

Industries that often hire Information Systems Auditors

Professional Services · 33%Financial Services · 8%Government · 8%Manufacturing · 6%Administrative Services · 5%Wholesale & Distribution · 5%

Job markets for Information Systems Auditors

Where Information Systems Auditor jobs concentrate · ~393 metro areas

Based on employment in related occupations

Mapped SOC categories:

Finance

BLS Occupational Employment Statistics

Jump to:What it's like Career paths By the numbers

What it's like

What it's like to be a Information Systems Auditor

Most days tend to involve controls testing, system walkthroughs, evidence collection, and findings documentation. You'll often test user access reviews, change management approvals, batch job controls, backup verification, and application-specific controls — producing findings that feed SOX certifications, audit reports, or compliance attestations. Engagement cadence varies by employer and scope.

The variance between settings is real — internal audit at a public company runs heavily on SOX IT general controls; external audit IT teams at public accounting firms support financial audit engagements; consulting firms deliver SOC 1, SOC 2, and other attestations; financial services audit covers banking-specific systems and regulatory expectations. Technical fluency with cloud, ERP, and infrastructure matters increasingly.

People who tend to thrive here are comfortable with technical depth, patient with audit documentation rigor, and effective communicating findings to both IT and business stakeholders. CISA credential is the dominant signal. The work tends to offer strong demand and clear career ladders toward IT audit manager, director, or CISO-adjacent paths, with the trade-off being the constant catch-up as technology evolves — for those who enjoy the rigor-meets-tech intersection, the work has durable appeal.

What people in this role value

AchievementAbove avg

IndependenceAbove avg

RecognitionModerate

RelationshipsModerate

SupportModerate

Working ConditionsModerate

O*NET Work Values survey

✦ Editorial — written by Truest from industry research and career patterns

Career Paths

Where this role sits in the broader career landscape — and where it can take you.

Earning potential across this track

All experience levels¹

This level's estimated range

¹ BLS OEWS May 2024 covers all Information Systems Auditors (SOC 13-2011.00), not just this title · BEA RPP 2023

* Top salaries exceed this figure. BLS caps reported wages at ~$240K to protect individual privacy in high-earning roles.

Exploring the Information Systems Auditor career path? Truest helps you figure out if it's the right fit — and plan your path forward.

Explore career tools

✦ Editorial — career progression and interview guidance based on industry patterns

The Broader Landscape

Roles like this one sit within a broader occupational category. The numbers below reflect that full landscape — helpful for context, but your specific experience will depend on level, specialty, and where you work.

$53K–$141K

Salary Range

10th – 90th percentile

1.4M

U.S. Employment

+4.6%

10yr Growth

124K

Annual Openings

How Information Systems Auditor pay & employment are changing

BLS OEWS May 2024 · BLS Employment Projections 2024–2034

Skills & Requirements

Reading ComprehensionActive ListeningSpeakingCritical ThinkingJudgment and Decision MakingWritingMonitoringComplex Problem SolvingCoordinationMathematics

O*NET OnLine · Bureau of Labor Statistics

Mapped SOC Codes

13-2011.00

Explore related roles

Roles with similar work and overlapping career paths

Common questions about what it's like to be an Information Systems Auditor

What does an Information Systems Auditor do?

An auditor focused on information systems controls — testing IT general controls, application controls, change management, access management, backup and recovery, and the technology environment that supports financial and operational processes. Foundational IT audit work.

How much does an Information Systems Auditor make?

Median pay for an Information Systems Auditor is about $82K nationally, with the field ranging roughly from $53K to $141K depending on experience, employer, and metro (BLS).

What skills does an Information Systems Auditor need?

Core skills for this role include Reading Comprehension, Active Listening, Speaking, Critical Thinking, and Judgment and Decision Making.

Is an Information Systems Auditor in demand?

Employment in this field is projected to grow about 4.6% through 2034, with roughly 1.4 million people working in it today (BLS).

What jobs are similar to an Information Systems Auditor?

Closely related roles include Junior Information Systems Auditor, Senior Information Systems Auditor, and Account Information Clerk.

Navigate your career with clarity

Truest gives you tools to understand your strengths, explore roles that fit, and plan your next move.

Explore Truest career tools

Federal data: BLS Occupational Employment & Wage Statistics (May 2024) · BLS Employment Projections · O*NET OnLine
Truest editorial: Fit check, role profile, things that vary, advancement analysis, lateral moves, interview questions.