Job Description

If you have experience and skills in helping customers to understand and manage their IT risks, along with ensuring exemplary standards of governance, control and assurance issues
we would love to hear from you. You will lead a flexible team to deliver DDaT assignments. Work can be highly complex and high profile, with considerable stakeholder liaison.
GIAA employs Audit Managers to lead assignments and manage customer relations, depending on the size of the customer. Liaison
will be managed collaboratively with Senior Audit Managers. Audit managers are integral to the leadership of the Agency and have a role beyond delivery of audit services to support the ongoing
development of our services, staff and customer approach. Our Audit Managers use their expertise and experience to deliver value to the Agency and customers. There are clear opportunities
for progression within the Agency and the wider civil service for candidates with the right skills and approach.

With access to high profile work, you will work alongside key decision makers, other auditors and private sector contractors within the Agency, challenging and developing your skills as well
as ensuring we meet our customer expectations.

This is an opportunity to join a highly respected, forward-thinking organisation that builds and maintains strategic relationships at the most senior levels across the majority of government
departments. The variety and contribution of these roles is unparalleled across government.

We offer support in maintaining and building your professional career through technical training, coaching and development opportunities.

You are entitled to a range of benefits from generous pension provision, embracing of flexible work patterns, diversity and security.

Responsibilities:

• Provide input to the development and implementation of audit plans for identified customers, bringing to this an understanding of the risk environment, materiality and the control framework.
• Consulting with and managing positive engagement with Directors and other senior customers to facilitate understanding, recommend control improvements, advise on the resolution of risk management challenges and influence positive outcomes.
• Developing, delivery, revision and monitoring of the key aspects of IT audit programmes in a professional and proactive manner that enhances the customer experience.
• Active representation at key meetings and events to support customers in key risk and control decisions.
• Using strong subject knowledge to offer proactive and strategic opinions, assurances and specialist advice and ensuring these are compliant with internal and external standards.
• Providing functional insight, understanding and support across Internal Audit in relation to key aspects of operational delivery and new and emerging developments.
• Ensuring that key findings from audit reviews are accurately reflected, analysed and interpreted within reports to the Departmental Audit, Risk and Assurance Committee, senior customers and other interested bodies.
• Leading and motivating staff to ensure that the audit work programme is delivered within the parameters of the most efficient, effective and appropriate professional resource provision derived from the flexible resource pool and strategic partnership input.
• Managing the delivery of the programme to time, budget and quality standards to develop clear, evidenced based opinions, ensuring that all deliverables are compliant with and support internal and external professional standards.
• Promoting and embedding the concept of a continuously improving professional function, based upon enhancement of individual and collective capabilities and professional skills.
• Using strong subject knowledge to provide strategic and well thought through ideas to enable positive contributions as a member of the Internal Audit Leadership Team.
• Embracing and leading by personal example, promoting GIAA values and leadership behaviours.
• Act as a member of the Senior Team supporting a Group Chief Internal Auditor; and play an active part in the delivery of corporate objectives and develop and grow the Agency.
• Within own audits, be accountable for compliance with professional standards and compliance with GIAA’s new single audit methodology and audit management software
• Take account of key requirements and practices when planning and prioritizing work and ensure that the delivery of plans meets management and stakeholder expectations i.e. timeframes, budgets, quality.
• Show judgment when potential risk exposure seems significant and escalate matters through the appropriate management/customer channels – this may involve liaison with specialists within the Agency or with outside advisers.
• Engage with suppliers using the GIAA framework and obtain the best VFM for audit work
• Be accountable for the performance of the team (including work delivered by private sector firms performing co-sourced audits) in meeting agreed plans, objectives and targets, as well as the resulting provision of audit assurance to the Accounting Officer and/or Partner Organisations

Responsibilities

Person Specification

You will be required to write a statement of 750 words setting out how your skills and experience meet the criteria:

• Proven experience of successfully managing and delivering IT assurance services (including external/internal audit)
• Experience in an IT risk and control / audit environment
• A good understanding of IT data centre operations and a variety of technology platforms
• A good understanding of risk and issues that would be encountered by our clients during major IT projects
• Excellent communication skills (both written and oral) and interpersonal skills
• Ability to present on specific subjects to a group of people (internal/external)
• Ability to identify and assess complex IT risks and controls
• Ability to develop excellent client and internal relationships
• Ability to deliver work within tight timescales, to budget and to a high quality
• Excellent team player but able to work on own initiative

Required Knowledge, Skills, and Abilities

Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional (CISSP) Certified Information Security Manager Certified in Risk and Information Systems Control Certified in the Governance of Enterprise IT Member of the Chartered Institute for Information Technology