Related Posts
What do folks here think of working at Vanguard?
I have 7.3 years of IT experience and recently bagged a job offer from JPMC . They offered me 21 LPA CTC and the job role as 601 . Can anyone help me out to understand if the role is justified ? Should it be 601 or 602 as per my experience ? During the HR discussion I mentioned my relevant experience as 5.5 years . JPMorgan Chase
More Posts
Is 16LPA low for 5Exp. Devops background
Prime video catalog specialist job salary?
I have 7.3 years of IT experience and recently bagged a job offer from JPMC . They offered me 21 LPA CTC and the job role as 601 . Can anyone help me out to understand if the role is justified ? Should it be 601 or 602 as per my experience ? During the HR discussion I mentioned my relevant experience as 5.5 years . JPMorgan Chase
Additional Posts in Risk Assurance
What makes more money IT Audit or IT GRC?
New to Fishbowl?
unlock all discussions on Fishbowl.




It’s for IT Audit. They may try and spin it as Consulting — it’s certainly not. They may phrase it as the best of Audit and IT — I wouldn’t phrase it that way.
It’s essentially a specialized service line that latches onto Financial Audits most of the time for work. The work isn’t hard. It can get complex to manage, but I wouldn’t say it’s difficult to understand.
Best case better hours than Audit and slightly higher pay. Not so best case the hours are worse because you have more engagements to work on, and exit ops aren’t as diverse as for financial audit because you don’t have general accounting skills, just specialized IT Control knowledge.
To answer your question directly, they might ask you if you know what IT General Controls (ITGCs everywhere else, called GITCs at KPMG) and IT Application Controls are.
They might also mention SOC reporting. ITGCs and ITACs are part of SOX audits.
SOC reporting is it’s own thing, but very similar in practice to ITGC and ITAC work.
If you still want the job, just indicate that you’re impressed with the tools and clients a Big 4 firm works with, and you look forward to learning about “Technology Risk” on the job. (Aka willing to work a lot of unpaid overtime.)
It's not external IT audit but don't make any mistake, you're generally still not escaping sox testing.
They’ll probably ask behavioral questions like, tell me about a time when you had to work with a difficult person and what did you do?
Tell me about a time when a client asked you to deliver something that wasn’t possible. What did you do?
You can find a lot of example questions online. What might be helpful is if you come up with 6 or so examples from your work experience that you can bucket into challenges, accomplishments/successes, and failures.
Then adapt those examples based on the question that is asked using the STAR method.