IT Risk and Audit Manager

Division/Department

Internal Audit, Risk and Operational Resilience

Location

Base location of Holborn Store Support Centre, with a requirement to travel to other locations as required. This will primarily be within the UK.

Reporting to

Internal Audit operates a matrix structure. This means you will have one line manager for your development and report to multiple Senior Risk and Audit Managers for audit delivery.

In a nutshell

Deliver to time and quality a portfolio of internal audits across Sainsbury's Group as per the Audit plan. This position will have responsibility for reviewing all aspects of Information Technology (IT) including infrastructure, application controls, core IT processes and emerging technology. The IT Internal Auditor will provide management with an independent assessment and assurance related to the adequacy, effectiveness, and sustainability of controls. Own relationships with senior business stakeholders to support them real time in identifying and managing risks and delivering assurance. Support the continuous improvement activities and share external best practise and innovative thinking into our Internal Audit processes and methodologies.

What you need to do

• Build and maintain strong relationships with auditees. This will involve supporting stakeholder owners across Sainsbury's Tech and understanding and monitoring change, for example updating the Auditable Divisional Risk Profile, developing audit proposals and risk maps.
• Act with a good level of judgement during audit and advisory work.
• Use tools available to pull and analyse data to inform audits and provide assurance and advice
• Driving a continual risk focus in the business through supporting the Senior Risk and Audit Manager in facilitating risk workshops and meetings to help management identify, assess and manage key business risks.
• Support the Senior Risk and Audit Manager in developing an ongoing risk-based audit plan.
• Manage workload to lead and deliver multiple audits in a number of divisions to meet time, cost and quality targets across all Sainsbury's sites.
• Develop recommendations and actions that balance both commercial considerations and the risk exposure and control requirements of the business.
• Provide real-time support, challenge and actionable insight to management when developing and implementing new processes including delivering business change projects.
• Contribute to team success through contributing and implementing continuous improvement activities in the team.

IT auditors will primarily carry out audits in their area of specialism. However, if business needs arise, they will conduct some audits in other divisions depending on the audit plan and capacity of the team.

What you need to know :

Essential:

• Demonstrable experience or understanding of technology risk and control environments at interview.
• Experience of working in / auditing complex IT environments.
• Proven track record in developing strong stakeholder relationships at different seniority levels.
• Excellent communication and interpersonal skills, which includes an ability to explain the impact of technology risks to stakeholders outside of IT.
• Self-starter who requires little or no day-to-day support to manage / prioritise workload.
• Strong analytical and report writing skills.
• Curiosity to learn new skills / knowledge and a commitment to personal development.
• Good understanding of technology, systems and data flows and how these relate to business operations.
• Strong commercial acumen.
• An understanding of the Internal Audit industry.
• Strong time management and project management skills to ensure work is delivered on time, to budget and to the expected quality.
• Prior internal or external audit experience with a track record of leading audits and adapting to change.
• Demonstrable ability to apply sound judgement.
• Experience of auditing / working with Agile teams

Desirable:

• CISA /CISM/CRISC qualified .
• Retail/operational experience.
• Risk facilitation experience.
• Forensic/data analytics experience.
• Scrum master/coach experience
• Experience of deploying agile methodology to deliver audits.

What you need to show

Demonstration of Sainsbury's values:

• We are trusting each other, working and winning as one team : Builds strong working relationships within the team and across the organisation whilst retaining independence.
• We are making it simpler : Identifies opportunities of continuous improvement to make Internal Audit ways of working simpler whilst maintaining quality standards.
• We are doing the right thing for our customers to grow sales : Identifying actionable insight through audit work, which drives change across Sainsbury's.
• We are making it happen at pace : Flexes and adapts approach to deliver timely assurance while maintaining quality standards.
• We are treating every pound as our own : Has a commercial awareness to ensure the business impact of audit findings are understood.
• We are cheering on our progress : Recognises when colleagues have made great progress and actively acknowledges this.

What decisions I can make

• The role requires a high degree of personal accountability to deliver audits to budget, methodology and the quality standards Internal Audit prides itself on.
• Day to day, time management and resource requirements for audit work.

Resources available to me

The Internal Audit team consists of approximately 26 professionals with differing technical skills, e.g. IT, project assurance, fraud, business process and financial controls. The audit team operates a matrix reporting structure due to the varied nature of the coverage across the organisation. You will be the key Divisional contact for the Sainsbury's Tech division for Internal Audit to drive engagement, risk ownership and awareness.

Work-life balance is important to us, so we offer our colleagues as much flexibility as possible in line with the needs of their role. We trust them to decide how, where and when they work, combining remote and collaborative working with a flexible approach to hours, giving them plenty of time and space for life outside of work whilst delivering against our business goals.

#LI-BB1