IT Audit Specialist

Job Title: IT Audit Specialist
Contract Type: Permanent
Location: London
Salary: London (£51,597 to £63,235) or Newcastle (£41,823 to £57,355)
Reference: n/a
Contact Name: Ahsin Ebadian
Contact Email:
Job Published: January 23, 2020 13:33

Job Description

Closing date: 02/02/2020

Job description
Location: London (£51,597 to £63,235) or Newcastle offices (£41,823 to £57,355)

The clients of the NAO are investing in IT systems to address the challenges they face in fulfilling their role. This includes investing in new finance systems and related support systems. These investments mean that, increasingly, the NAO’s financial audits are relying on automated controls/IT dependent manual controls and supporting IT general controls, necessitating increased requirements for IT Audit to support the NAO’s audits of financial statements.

The IT Audit specialist will be joining an IT audit team which is made up of seven IT audit specialists to deliver work across around 40 different clients covering all areas of the NAO’s financial audit client base.

The team is led by an IT Audit Director and three IT Audit Managers.

We require an experienced IT Audit specialist capable of scoping, planning, and hands on delivery of IT Audit work, including testing IT General Controls and related automated controls.

We also require the candidate to be involved in other internal aspects of our IT audit practice work, including the development of practice material (e.g. work programmes, guidance material etc).

Given the likely engagements on which they will work, it would be helpful for the candidate to have experience in some or all of the following areas:

• Financial services clients;
• Oracle finance systems (including Fusion);
• SAP finance systems (including S/4 HANA);
• Active Directory; and
• System migrations.

On non-client work:

• Given that there are a range of tasks that the candidate could be asked to work on, the candidate must have the skills and experience to be able to move from a client focussed IT Audit testing role to an internal material development role.
• As the candidate will be producing client facing and internal facing written material, they must have strong report writing skills.

The preferred candidate is likely to be an experienced Senior Consultant or equivalent, with experience of IT audit work, close to promotion to a managerial role, and is capable of working independently.ResponsibilitiesIntroduction

Your key responsibilities
will be supporting the IT Director and IT Audit Managers in the planning, scoping and delivery of the annual programme of IT audit work. Depending on the level of experience of the candidate, some management of specific IT Audit engagements may be required.

Delivery of specific IT Audit engagements

• Working with individual financial audit teams to plan and scope the IT audit work that needs to be carried out to support reliance on automated controls and / or IT reliant manual controls.
• Developing documented IT Audit plans, together with supporting budget and resource plan, to ensure that IT audit work is formally agreed with individual audit teams.
• Briefing clients’ staff (including senior staff) on the reasons for and extent of the IT audit work to be carried out.
• Developing information requests for clients setting out the information needed to deliver the required IT audit work.
• Reaching conclusions on the level of assurance that can be obtained over IT controls based on outcome of testing. Assessing the extent of reliance that can be placed on automated controls based on the outcome of testing, communicating to the audit team on these results, and then interpreting for the audit team the level of assurance they can obtain from the IT audit work, including advising them on any additional audit procedures they may need to perform to address any issues arising.
• Drafting reports for both clients and internal audit teams to communicate the results from IT audit testing and to address any issues arising with proposed recommendations for enhancement to controls and processes.

Development of IT Audit within the NAO

• Assisting in the development of IT Audit skills of other auditors, through on the job coaching of both other IT Audit specialists and financial audit team members on IT audit matters.
• Planning and delivering a portfolio of IT audit engagements.
• Assisting the IT Audit Director and IT Audit Managers in developing audit approaches that respond to new and emerging technologies.

The impact you’ll make
Right from the start, you’ll contribute to work that matters. Whatever you work on it all serves to help hold government to account for the way it uses public money and helps to promote improvements in public service delivery. The scope of our impact is huge – from health to education to justice to overseas development to the BBC and Bank of England – and much more.

Our recommendations and reports on good practice help government improve public services, and our work led to:
• Audited savings of £734 million in 2016
• £7.5bn saved since 2010
• £16 savings for every £1 spent on running the NAOSkills required

• Strong understanding of how IT Audit supports the financial audit and the factors that ensure high quality IT audit work.
• Good technical skills on the audit of IT systems. We would be looking for technical strength (in the context of the financial audit) in some of the following: Active Directory; Unix; Oracle (including Fusion); SAP (including S/4 HANA); and SQL.
• Experience of hands on delivery of IT audit work. Some experience of acting as first stage reviewer of IT audit work would be an advantage.
• Experience of working with financial audit teams and of interpreting what the results from the IT audit work mean for the financial audit team in terms of assurance that can be taken or of additional audit work that the financial audit team/IT auditor may need to perform.
• Experience of drafting reports for client management on matters arising from IT audit work performed.
• Experience of working with senior level client IT management.
• Understanding of end to end business processes (e.g. Order to Cash, Purchase to Pay, Record to Report) and how IT systems and controls fit into these processes.
• Experience of / involvement in, controls based auditing (e.g. SOx testing) would be an advantage.


• Intellectual curiosity, especially about technology and business process related matters.
• Ability to work co-operatively and collaboratively as part of a team to deliver a team effort.
• Drive and determination to overcome obstacles, resistance or challenges in order to achieve goals.
• Commitment to personal development and keeping technical skills up to date.
• Good communication skills and ability to flex these to address the various audiences from junior audit staff through to senior level client staff.

You must be a UK, Commonwealth, EEA or Swiss national to comply with Civil Service nationality rules and must hold a valid work permit. We are not able to sponsor work visas.

Recruitment Process:
To apply, please submit an up to date CV and covering letter setting out briefly what you would bring to the role and the NAO.
After the initial sifting, there will be a telephone interview followed by a presentation/case study and final interview in our London office.
The closing date for applications is Friday 2 Feb 2020.
Educational requirements
• A strong academic background. We will need to see evidence of academic achievement which may be through attendance at University, or similar institution.
• IT audit experience, with a significant portion of that experience arising from IT Audit work done in support of the financial audit.
• Experience of working on clients with large complex systems. Experience in Oracle (including Fusion) and SAP (including S/4 HANA) systems would be of particular interest.
• An IT Audit qualification (e.g. CISA) is preferred, but evidence of strong practical experience of delivering IT audits in support of the financial audit is more important than a qualification.
• A formal finance qualification would be an advantage.