1. 6th
December 2010
COTSWOLD DISTRICT COUNCIL
JOB DESCRIPTION
Title: Internal Auditor (ICT)
Directorate: Corporate Services – Cotswold District Council (CDC), Resources
– Cheltenham Borough Council (CBC) & Corporate Resources –
West Oxfordshire District Council (WODC)
Service: Internal Audit Partnership
Grade: SO1
Location: Primary and employment base CDC,
Secondary bases CBC, WODC, and other sites in line with the
partnership requirements
Responsible to: Audit Partnership Manager
Responsible for: Leading audit team members in ICT related assurance or
consultancy activity
Liaison with: Within the Directorate: Financial Services (CDC), Resources
(CBC) & Corporate Resources
(WODC), Service Managers and
Officers
Within the Council: Members, Directors, Assistant
Directors, Heads of Service, Service
Managers and Officers
Outside the Council: ICT auditors, external auditors, other
local authorities, other internal auditors
in the region, other external bodies
such as the Police, Serious Organised
Crime Agency
Main purpose of post: To assist in the delivery of a quality internal audit service, with a
specialist focus on ICT auditing, to a range of audit clients agreed
by the Audit Partnership Manager in compliance with the CIPFA
Code of Practice in Local Government in the United Kingdom
2006 to:
• meet client needs and expectations,
• satisfy statutory and professional obligations,
• ensure key risks are properly addressed in achieving
strategic objectives.
Page 1
2. Page 2
Main Duties:Main activities:
(applies all organisations that are
members of the partnership under
the direction of the Audit
Partnership Manager)
- Undertake specialist & technical ICT audits, leading an audit
team when necessary, across all partnership sites and clients;
- Undertake general audit assignments across all partnership
sites and clients;
- Undertake audit assignments from initial contact with client to
preparation of reports;
- Plan and set up audit assignments to meet the allocation within
the Annual Audit Plan;
- Draft Terms of Reference for each audit to be agreed by Audit
Partnership Manager / Principal Auditors and the relevant
Service Manager / client;
- Undertake analysis of financial and non-financial data,
evaluate the results and formally report to the client;
- Have the ability to use different approaches and methodologies
including risk based audit, ICT audit, analytical review,
Computer Assisted Audit Techniques, substantive and
compliance testing. The Postholder should have an
appreciation of the relative merits and appropriate usage of
each methodology;
- Formulate recommendations for improvements to clients’
systems and procedures following audits with particular
reference to ICT e.g. ISO 27001, ISO 38500, ITIL, etc;
- Assist with client discussions relating to audit findings and
agree recommendations for system or organisational changes;
- Prepare Draft and Final reports to a high professional standard
and agree with clients;
- Follow up audit recommendations to ensure that clients are
taking action to improve systems and controls;
- Promote and maintain good relations and the good reputation
of the Internal Audit Partnership by ensuring audit work is
undertaken with integrity, competence, objectivity and
confidentiality;
- Ensure that the appropriate regulations, professional standards
and guidelines are followed in the provision of audit services;
- To remain up-to-date with the latest computer audit techniques
and to obtain/maintain professional qualifications in computer
auditing
External Relationships:
- Work in partnership with the External Auditors to provide a
‘managed’ audit service where reliance can be placed on the
Internal Audit work;
3. Page 3
- Liaise with the external auditor on results of all audits carried
out, and provide high quality audit files to facilitate external
inspection of the Audit Section
- Liaise with other ICT auditors in local authorities to identify;
best practice, emerging ICT issues, etc
- Liaise with external bodies such as the Police or Serious
Organised Crime Agency in any cases where there is
suspicion of fraud or money laundering activity.
Supporting the Council’s Management Team:
- Provide audit advice and information to clients, both in
response to requests and proactively;
- Work with clients to develop effective control procedures;
- To undertake consultancy work as required by clients and
agreed with the Audit Partnership Manager / Principal Auditors;
- Work in partnership with the External Auditor on key local and
national strategic objectives, in particular the strengthening and
maintenance of corporate governance;
Team Work:
- Support other members of the Audit team in the delivery of
audit services;
- Advise and support the Audit Partnership Manager on audit
matters, including relevant changes to legislation or other new
requirements, with a particular focus on ICT.
- Work with the Audit Partnership Manager to develop systems
and procedures for improving the delivery of audits to clients;
Formal Training:
- Undertake a course of study to obtain suitable qualifications in
computer audit, as agreed with the Audit Partnership Manager
- Undertake training as required to meet Continuous
Professional Development requirements.
Other activities: - Any other duties as allocated by the Audit Partnership
Manager.
Conditions of service: - The post is subject to two month's notice on either side.
- You may be required to use a car for work. The Council pays
a mileage rate for any authorized use of a private car for
business purposes.
- The post will be based at offices in Trinity Road, Cirencester or
at such other place of employment in the service of the Audit
Partnership as required.
- The postholder will be required to comply with the Council’s
5. Page 5
PERSON SPECIFICATION
INTERNAL AUDITOR (ICT)
Requirements Essential or
Desirable
Method of Assessment
Qualifications
Honours Degree in ICT related field
or equivalent
Desirable Application/certificates
Relevant professional audit qualification e.g. PIIA,
or equivalent
Essential Application/certificates
Relevant professional computer audit qualification
e.g. CISA, QiCA, etc or work towards this
qualification
Desirable Application/certificates
Experience
Good understanding of modern computer
systems and technologies.
Essential Application/Interview/
Presentation
3 years experience in a similar or related field,
preferably in the public sector
Essential Application/Interview
Experience of working alone and as part of a team Essential Application/Interview
Experience of performing internal audits and
producing internal audit reports.
Essential Application/Interview
A clear understanding of the modern day role of
internal audit, incorporating risk and risk-based
audit
Desirable Application/Interview/
Presentation
Knowledge and understanding of the issues
affecting local government
Desirable Application/Interview
An appreciation of the requirements of fraud and
irregularity investigations
Desirable Application/Interview
Skills
High level of IT skills - MS Office, Information
Management, Data Extraction and Analysis, etc
Essential Application/Interview
Excellent written and oral communication skills Essential Application/ Interview
Excellent presentation skills Desirable Presentation
The ability to influence, persuade, and liaise
effectively at all levels of the organisation
Desirable Application/Interview
Other
Ability to maintain confidentiality in accordance
with Data Protection
Essential Interview
The ability to work with minimal supervision using
own initiative
Essential Application/interview
6. Page 6
Ability to record and deal with data accurately and
effectively
Essential Application/interview
Proactive/self motivated Desirable Interview/references
Ability to prioritise and meet tight deadlines Desirable Interview/references
High level of judgement, tact, discretion and
initiative
Desirable Interview
Use of a car for business purposes when
necessary.
Desirable Application/interview