6th December 2010 COTSWOLD DISTRICT COUNCIL

JOB DESCRIPTION

Title:

Internal Auditor (ICT)

Directorate:

Corporate Services – Cotswold District Council (CDC), Resources – Cheltenham Borough Council (CBC) & Corporate Resources – West Oxfordshire District Council (WODC)

Service:

Internal Audit Partnership

Grade:

SO1

Location:

Primary and employment base CDC, Secondary bases CBC, WODC, and other sites in line with the partnership requirements

Responsible to:

Audit Partnership Manager

Responsible for:

Leading audit team members in ICT related assurance or consultancy activity

Liaison with: Within the Directorate: Financial Services (CDC), Resources (CBC) & Corporate Resources (WODC), Service Managers and Officers

Within the Council: Members, Directors, Assistant

Directors, Heads of Service, Service Managers and Officers

Outside the Council: ICT auditors, external auditors, other

local authorities, other internal auditors in the region, other external bodies such as the Police, Serious Organised Crime Agency

Main purpose of post:

To assist in the delivery of a quality internal audit service, with a specialist focus on ICT auditing, to a range of audit clients agreed by the Audit Partnership Manager in compliance with the CIPFA Code of Practice in Local Government in the United Kingdom 2006 to: • meet client needs and expectations, • satisfy statutory and professional obligations, • ensure key risks are properly addressed in achieving

strategic objectives.

Page 1

Page 2

Main Duties:

Main activities: (applies all organisations that are members of the partnership under the direction of the Audit Partnership Manager)

- Undertake specialist & technical ICT audits, leading an audit team when necessary, across all partnership sites and clients;

- Undertake general audit assignments across all partnership sites and clients;

- Undertake audit assignments from initial contact with client to preparation of reports;

- Plan and set up audit assignments to meet the allocation within the Annual Audit Plan;

- Draft Terms of Reference for each audit to be agreed by Audit Partnership Manager / Principal Auditors and the relevant Service Manager / client;

- Undertake analysis of financial and non-financial data, evaluate the results and formally report to the client;

- Have the ability to use different approaches and methodologies including risk based audit, ICT audit, analytical review, Computer Assisted Audit Techniques, substantive and compliance testing. The Postholder should have an appreciation of the relative merits and appropriate usage of each methodology;

- Formulate recommendations for improvements to clients’ systems and procedures following audits with particular reference to ICT e.g. ISO 27001, ISO 38500, ITIL, etc;

- Assist with client discussions relating to audit findings and agree recommendations for system or organisational changes;

- Prepare Draft and Final reports to a high professional standard and agree with clients;

- Follow up audit recommendations to ensure that clients are taking action to improve systems and controls;

- Promote and maintain good relations and the good reputation of the Internal Audit Partnership by ensuring audit work is undertaken with integrity, competence, objectivity and confidentiality;

- Ensure that the appropriate regulations, professional standards and guidelines are followed in the provision of audit services;

- To remain up-to-date with the latest computer audit techniques and to obtain/maintain professional qualifications in computer auditing

External Relationships:

- Work in partnership with the External Auditors to provide a ‘managed’ audit service where reliance can be placed on the Internal Audit work;

Page 3

- Liaise with the external auditor on results of all audits carried out, and provide high quality audit files to facilitate external inspection of the Audit Section

- Liaise with other ICT auditors in local authorities to identify; best practice, emerging ICT issues, etc

- Liaise with external bodies such as the Police or Serious Organised Crime Agency in any cases where there is suspicion of fraud or money laundering activity.

Supporting the Council’s Management Team:

- Provide audit advice and information to clients, both in response to requests and proactively;

- Work with clients to develop effective control procedures;

- To undertake consultancy work as required by clients and agreed with the Audit Partnership Manager / Principal Auditors;

- Work in partnership with the External Auditor on key local and national strategic objectives, in particular the strengthening and maintenance of corporate governance;

Team Work:

- Support other members of the Audit team in the delivery of audit services;

- Advise and support the Audit Partnership Manager on audit matters, including relevant changes to legislation or other new requirements, with a particular focus on ICT.

- Work with the Audit Partnership Manager to develop systems and procedures for improving the delivery of audits to clients;

Formal Training:

- Undertake a course of study to obtain suitable qualifications in computer audit, as agreed with the Audit Partnership Manager

- Undertake training as required to meet Continuous Professional Development requirements.

Other activities: - Any other duties as allocated by the Audit Partnership Manager.

Conditions of service: - The post is subject to two month's notice on either side.

- You may be required to use a car for work. The Council pays a mileage rate for any authorized use of a private car for business purposes.

- The post will be based at offices in Trinity Road, Cirencester or at such other place of employment in the service of the Audit Partnership as required.

- The postholder will be required to comply with the Council’s

Page 4

Health and Safety and Equal Opportunities Policies.

Page 5

PERSON SPECIFICATION

INTERNAL AUDITOR (ICT) Requirements

Essential or Desirable

Method of Assessment

Qualifications

Honours Degree in ICT related field or equivalent

Desirable Application/certificates

Relevant professional audit qualification e.g. PIIA, or equivalent

Essential Application/certificates

Relevant professional computer audit qualification e.g. CISA, QiCA, etc or work towards this qualification

Desirable Application/certificates

Experience

Good understanding of modern computer systems and technologies.

Essential Application/Interview/ Presentation

3 years experience in a similar or related field, preferably in the public sector

Essential Application/Interview

Experience of working alone and as part of a team

Essential Application/Interview

Experience of performing internal audits and producing internal audit reports.

Essential Application/Interview

A clear understanding of the modern day role of internal audit, incorporating risk and risk-based audit

Desirable Application/Interview/ Presentation

Knowledge and understanding of the issues affecting local government

Desirable Application/Interview

An appreciation of the requirements of fraud and irregularity investigations

Desirable Application/Interview

Skills

High level of IT skills - MS Office, Information Management, Data Extraction and Analysis, etc

Essential Application/Interview

Excellent written and oral communication skills

Essential Application/ Interview

Excellent presentation skills

Desirable Presentation

The ability to influence, persuade, and liaise effectively at all levels of the organisation

Desirable Application/Interview

Other Ability to maintain confidentiality in accordance with Data Protection

Essential Interview

The ability to work with minimal supervision using own initiative

Essential Application/interview

Page 6

Ability to record and deal with data accurately and effectively

Essential Application/interview

Proactive/self motivated

Desirable Interview/references

Ability to prioritise and meet tight deadlines

Desirable Interview/references

High level of judgement, tact, discretion and initiative

Desirable Interview

Use of a car for business purposes when necessary.

Desirable Application/interview