Internal Audit & Risk Senior Manager

Recruiter
Cloudpay
Location
Andover
Salary
£50-70,000 per annum + benefits.
Posted
30 Jan 2018
Closes
02 Mar 2018
Contract Type
Permanent
Hours
Full Time
Travel
None

Responsible for the implementation and execution of the internal audit plan for the business.  This will involve working closely with the Governance Committee of the Board of Directors and the business to agree the scope of the audit program as well as its’ execution.  Key to the role is to work with the business in the improvement of systems, policies and procedures, including ensuring audit findings are appropriately responded to.

In addition, this role has responsibility for the maintenance of the risk register across the business and, with the appropriate business owners, ensuring that appropriate risk assessments are performed, documented and managed when there is significant change.

The role will also assist the management team and subject matter experts with the management and coordination of external audits (ISO, customer audits, Data Protection), including the performance of pre-audit reviews. 

Essential Duties and responsibilities

Internal Audit

  • Propose and implement the framework and approach for the internal audit function, working with the CFO, and agree this framework with the Governance Committee of the Board of Directors
  • Work with the business to propose a schedule of audits to be completed and when, prioritised according to risk
  • Perform the audits and report on their findings to the Governance Committee.  This will include:
    • Consultation with the business owner to understand the area to be audited and possible risks
    • Determine and document the scope and detailed audit tests to be performed
    • Perform the audit and document the audit results
    • Report the audit results and recommendations to the business owner as well as the Governance Committee
    • Work with the business owner to implement agreed recommendations, including agreeing a timetable for their implementation
    • Post audit review of whether the changes that have been made have resulted in the expected improvements
  • Together with the Head of the In-Country Partner network, design and perform an audit of those partners to ensure that they are meeting the standards required of them. This will include:
    • Use of a questionnaire to perform an annual assessment of the partners and review of the results
    • Desk top reviews of the questionnaire results with the partners to follow-up on any queries raised
    • On-site visits to the partners where appropriate and on a rotational basis as required
  • Support the business owners (eg. Information Security) and subject matter experts (e.g. Data Protection) in the performance of external audits, such as ISO, SOC and requests from prospects and customers
  • Keep up-to-date with audit procedures and regulations by attending conferences, workshops and networking events.
     

Risk Management

  • Maintenance of the risk policies and procedures and communication of them across the business
  • Responsibility of the maintenance of this risk register.  This will include:
    • Twice-yearly assessment of the risk appetite of the business and review and assessment the risks across the business and their inclusion in the risk register
    • Follow-up of agreed risk mitigation actions, ensuring that they are successfully implemented and the risk assessment adjusted accordingly
    • Working with the Infosec Certifications Senior Manager in respect of information security risks and their management and mitigation
    • Reporting of the risk register and the overall risk profile of the business to the Governance Committee
  • Assisting the appropriate business owners with the performance of risk assessments, which will include:
    • Maintenance of the policy, including when risk assessments need to be performed and the form and content of those risk assessments
    • Training the business owners in the completion of the risk assessments and assisting in their completion where appropriate
       

Positions specifications

  • Professional qualification
  • Previous experience in providing an internal audit service
  • International experience would be an advantage.
  • Able to communicate risks, opinions and recommendations clearly.
  • Great attention to detail.

Similar jobs

Similar jobs