Assurance Job Interview Questions
If you’re working in assurance or hoping to start a career in assurance, an important step in finding a new assurance job is of course getting through the interview. But what is expected and what kinds of questions might be asked? Typically, the questions vary based on your experience level. So, we’ve put together some example questions that you might face at each level to help you prepare.
Starting with candidates coming direct from university or perhaps with 1 year’s industry experience, to begin with, the interviewer will be looking for a basic understanding of the fundamental concepts of assurance.
What do you understand by risk?
What do you understand by controls?
Your answer to these questions will provide your interviewer with a good assessment of your knowledge on these areas. They will also be assessing if you have a base understanding of some of the key standards used by auditors. Assurance is a legally mandated requirement – i.e. legally all registered companies have to submit audited financial statements. To ensure a consistent standard a lot of the practices that auditors perform have been formalised in standards, so a question that may arise from an IT assurance perspective is:
Which standards and methodologies are you familiar with?
In answer to this kind of question you would be wise to reference COBIT (Control Objectives for IT), which is the global framework outlining control objectives for IT and risk.
In amongst these questions, your interviewer will pad out the conversation with lots of behavioural-focused questions. For those working in audit, the ability to smooth the waters with businesses is vitally important as audits are typically viewed as a grudge purchase which can lead to a degree of conflict if not managed carefully. Thus, a key strength of assurance practitioners relates to the ability to effectively manage conflict as well as having effective negotiation skills.
Aimed at candidates with between 2-5 years’ experience, at this level, the types of questions you will be asked will likely centre around examples of where you’ve contributed to significant change within the organisation. At this stage in your career it all comes down to experience.
Tell us about a project or review you’ve worked on that has resulted in a significant control finding?
Have you been a part of a project or review that involved a big-ticket issue which you’ve identified?
Tell us about a review that you’ve led which resulted in a big change within the company?
Tell us about an occasion where you identified a significant IT risk?
At intermediate level, companies are looking for someone who has been part of a team and contributed something substantial in that guise. The expectation is not that you’ve necessarily taken ownership of the entire project as that’s not realistic, just that your contribution has proven significant to your organisation.
What is your specialism?
Furthermore, the interviewer may also be interested in your area of expertise as by this point you would likely have developed a preference for either technical security, risk management, business continuity or data analytics.
Rounding things off you can expect competency-based questions that are targeted at gleaning your understanding of the specifics of working in assurance. There are also likely to be questions designed to ascertain your soft skills, both with regards your ability to lead a team as well as your stakeholder management skills, the latter of which is something you’ll need to nurture as you become more senior.
For the more experienced candidates, those with 5 years’+ on the resume, what companies and hiring managers are looking for is a track record of making a difference on, and leading big-ticket initiatives.
Where have you led a review that has resulted in a significant finding that needed escalation to a senior level?
Where have you led a review that has resulted in significant change in the organisation?
At this stage the interviewer is mainly concerned with learning about the impact you’ve had in your assurance career up to this point.
How would you deal with a difficult stakeholder?
At a more senior level the ability to interact with stakeholders is critical, both internally with senior management, technical IT staff and so on, and externally with regulators, external auditors etc. You’ll need to be able to communicate the results of your assurance work competently and effectively.