Skip to main content

This job has expired

Director - IT Audit

National Audit Office (NAO)
London or Newcastle
up to £130,000 + benefits
Closing date
20 Mar 2024

Job Details

Job description

We are pleased to announce an opportunity for a Director – IT Audit.

This is an exciting opportunity to join the National Audit Office to lead its growing IT Audit function (which is part of the National Audit Office’s (NAO) Digital Financial Audit (DFA) Team) focussed on: delivery of IT audit and assurance work; supporting audit methodology development relating to the use of IT Audit and controls (and related automation tools) within our financial audit work.

The Director – IT Audit provides strategic oversight of the delivery of high-quality external IT audit and related controls work to support effective accountability and scrutiny. Engaging with senior stakeholders, both internally and at the organisations we audit, this Director has responsibility for the direction of IT audit work, drawing on the wider work of the NAO to add value and make a difference. Internally, the Director – IT Audit will lead our IT Audit team and people, collaborate and act as a role model for the behaviours and ways of working needed to support us becoming an exemplar organisation.

The IT audit function within the DFA Team has a critical role in supporting the FA Service Line through the delivery of IT Audit work and support to financial audit teams in their testing of automated controls.

These functions are critical to enable the effective roll-out of the NAO’s Strategy and its ambition for a digitally enabled audit approach.

IT audit is a growing area of our work. In relation to the IT Audit aspects of the digital audit portfolio, the increased use of IT Audit and controls testing, within the NAO’s Financial Audit (FA) work, is a key workstream in the Audit Transformation Programme (ATP) as we seek to embed controls and IT Audit into a greater proportion of our audits.

As well as delivering the IT Audit and Controls aspects of the ATP the Director – IT Audit will be expected to assist with the development of our FA focussed Data & Analytics by working closely with the Director – Data & Analytics Operations (Director D&A Ops). The Director – IT Audit will also work closely with our Audit Transformation Programme team who are lead our financial audit change programmes including the adoption of new technologies.


Typical responsibilities for our Director – IT Audit include:

  • Developing our IT Audit and controls development strategy;
  • Development of our approach to, and delivery methods for, our IT Audit and controls work.
  • Development of appropriate training courses to support the IT Audit/Controls approach and methodology to ensure the quality and efficiency of this work as we expand the use of IT Audit/controls in our FA work.
  • Leading the development of the IT Audit and controls capability within the NAO.

The successful candidate will:

  • Build the skills and capabilities of the DFA team , and grow the team, in line with the growth in demand for the services the team provides.
  • Develop the broader digital and technology awareness amongst FA colleagues (in partnership with other NAO Directors involved in digital and technology matters).
  • Work with FA Director colleagues to support them with the delivery of their financial audits, encouraging the greater use of DFA approaches where this adds to the quality, efficiency and insight of these financial audits.
  • Oversee the delivery of our portfolio of IT Audit work, ensuring that the work is appropriately resourced, and is delivered in accordance with the NAO’s methodology.
  • Take the lead in ensuring the quality of the IT Audit work delivered. This to include leading on engagement with the External Audit Regulator (the Audit Quality Review (AQR) team of the Financial Reporting Council (FRC)) on IT Audit matters arising from their review.
  • Raise the NAO’s external profile in the area of digital financial audit and so contribute to our authoritative voice on technology related controls matters.
  • Contribute to other NAO products such as: value for money reviews, investigations and departmental overviews, where these require specialist expertise.
  • Lead horizon scanning, and market awareness initiatives, relating to the use of technology in support of delivery of IT Audit work, in line with the NAO’s ambition of being a fast follower of the large commercial audit firms in our evolution towards a more digitally enabled audit.
  • Be accountable to the Executive Director of Financial Audit (who is the NAO’s Head of Audit) . The Director will work closely and collaboratively with the Director in the Financial Audit Practice and Quality (FAPQ) Team who has responsibility for Financial Audit methodology and quality.
  • He/she will be expected to work collaboratively with colleagues at all levels of the organisation and with senior colleagues across government (including CIOs and Directors General, Finance).

Our values reflect who we are as the NAO, how we work together and with those outside the NAO, to achieve our purpose and priorities. We're looking for people who believe in and exemplify our values to help the NAO be a great place to work. We act with courage and integrity – we’re honest, open and challenging of ourselves and others to achieve better outcomes. We are inclusive and respectful, treating our people and stakeholders with courtesy and understanding. We are curious and seek to learn to help ourselves and government improve how they use public money. And we strive for excellence to achieve high quality work that makes a difference.

The person we are looking for:

The successful candidate will have significant experience of delivering IT audit and assurance as part of external audit work, and developing and enhancing the audit methodology to incorporate the use of technology.

We are looking for candidates who can provide leadership and direction to our IT audit work and play a key leadership role in enhancing the quality and impact of our work across the NAO’s financial audit service line.

The successful candidate will be able to credibly engage and build relationships with internal stakeholders (including the NAO’s Leadership Team and Directors, equivalent to engagement partners) and external stakeholders (including audited bodies, partner firms, audit technology providers and Parliament). The successful candidate will have the strategic vision to shape our IT audit approach to respond to internal and external developments as part of our Audit Transformation Programme.

More generally, the successful candidate will play a key leadership role in achieving our strategic ambitions, including attracting and retaining high quality people; and holding ourselves to the high standards expected of public bodies when it comes to efficiency, value for money and long-term sustainability.

Skills required

  • Senior level experience and deep expertise in: accounting/audit; IT Audit and broader information technology matters; risk evaluation, project governance, information security and business process controls
  • Capable of applying their experience and expertise to a variety of Public Sector organisations.
  • Holding a relevant professional qualification (s) (e.g. CCAB, and CISA or CIA)
  • Informed on current and emerging technology related risk areas such as: technology related fraud, Cloud computing, Online self-service, Shared Service Centres, IT development methodologies and Artificial Intelligence,
  • Understanding of business process controls and Internal Control Frameworks (e.g., COSO)
  • Skilled in report writing, including the specific requirements of Audit Committee papers.
  • Possess well developed listening and questioning skills.
  • Be self-starters, demonstrating drive and initiative.
  • Has the technical knowledge, and commitment to understanding the NAO’s financial audit methodology, to:
    • Guide FA teams in identifying IT related risks to their audit.
    • Agree an appropriately detailed IT audit response to address the risks identified for relevant technology layers.
    • Develop Operational strategies for the automated controls elements of financial audits.
  • Experience in the development and delivery of training courses on automated controls courses to both financial auditors and automated controls specialists.
  • Has experience of business process and related controls, including planning, delivering and reviewing a diverse range of assignments where audit teams seek to rely on controls. This experience to include where an organisation uses third party service organisations requiring controls assurance to be obtained via controls reports (i.e., SOC1/ISAE3402 reports)
  • Reviewing IT General Controls including; access controls, change controls, relevant computer operation controls, new system implementation controls and related entity level controls.
  • Our major clients use SAP and Oracle ERP systems, many Cloud based running on Active Directory and Unix operating systems. So the Director – IT Audit will be expected to have appropriate levels of hands on experience of undertaking IT Audit work on: Oracle EBS / Oracle Fusion; SAP ECC / SAP S/4 Hana; Unix systems together with knowledge of auditing Active Directory and cloud-based systems

The assessment and selection process:

If you wish to apply you should submit a brief covering note (no more than 1,000 words) and an up-to-date CV by midday on 20 March 2024.

Interviews are expected to take place during w/c 8th April 2024, with the outcome confirmed shortly thereafter. We would look for individuals to take up post as soon as possible thereafter.


The National Audit Office (NAO) scrutinises public spending for Parliament. Our public audit perspective helps Parliament hold government to account and improve public services.

We audit the financial statements of all central government departments, agencies and other public bodies, and report the results to Parliament. Our other work comprises value for money studies, local audit, investigations, support to Parliament and international activities.


Company info
United Kingdom

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert