Internal Audit Officer

Bristol, County of Bristol, United Kingdom, United Kingdom
GBP 80,000.00 per year
19 Apr 2024
18 May 2024
Job role
Audit, Internal audit
Bevan Brittan is a UK-Top 100 commercial law firm providing a comprehensive range of legal services from offices in Birmingham, Bristol, Leeds and London.

The firm advises businesses across construction, energy & resource management, higher education and financial services, complementing the firm's market leadership within housing, local government and health & social care.

We currently employ over 600 people, including over 90 Partners, and our award-winning teams provide construction, commercial, corporate, property, regulatory, employment and litigation (commercial and clinical negligence) legal advice.

Bevan Brittan is named among 'The Times Best Law Firms 2023' and has recently either won or been shortlisted for a number of prestigious awards.

We are driven by our 4 values: Relationships, Results, Reputation and Responsible. These give us a sense of purpose and ensure we always work collaboratively with clients and colleagues, continually improve, make the right choices and act with integrity.

Bevan Brittan is an equal opportunities employer and welcomes applicants from all backgrounds.

The Role:

An Internal Audit Officer is required to support the expanding Risk & Best Practice department, including the Director of Risk (DoR) and the Information Security Manager (ISM) in the delivery of a professional and first class risk and regulatory service to the firm.

Reporting to the ISM, the role will be based in our Bristol office but will involve travel to the firm's other offices in London, Leeds and Birmingham, and to offsite supplier locations as and when needed in line with the audit programme and as directed by the ISM and the DoR.

Relevant knowledge and awareness will include:
  • Familiarity with core Microsoft applications (Outlook, Word, Excel, Powerpoint, SharePoint)
  • Familiarity with cloud-based collaboration software such as HighQ is an advantage
  • Good word processing skills, ability to touch type
  • Problem-solving skills
  • A strong understanding of risk management principles and the ability to identify risks to an organisation.
  • A good understanding of ISO 27001 is an advantage, as is a broad understanding of data protection
Ability to undertake all aspects of an Internal Audit Officer role including:
  • Planning for, and arranging the firm's annual ISO 9001, 27001 and 14001 external audits, liaising with the ISM and internal stakeholders/auditees, to include:
    • Acting as a point of contact for external auditors and audit participants.
    • Arranging audit dates with the certification bodies.
    • Arranging meetings with internal stakeholders.
    • Dealing with invoicing and other associated administration.
    • Reporting on audit outcomes, including any non-conformities (NC's) and opportunities for improvement (OFI's).
    • Ensuring that NC's and OFIs are picked up in the OFI log and relevant remedial actions and dates agreed with stakeholders.
    • Monitoring changes to ISO audit standards and associated guidance, and with the ISM, formulating plans to upgrade the firm's integrated management system (ISMS, QMS and EMS) in line with these.
  • In conjunction with the ISM and the DoR , planning and administering the firm's programme of internal audits in support of the firm's ISO certifications, Risk Register (ERR/ORR) risk treatment decisions and/or any relevant client contractual requirements, to include:
    • Liaising with external ISO consultants to obtain a gap analysis.
    • Utilising the gap analysis, plus ERR/ORR and client requirements to formulate an internal audit plan.
    • Seeking input on the plan from ISO consultants and other key stakeholders (including the Data Protection Officer and other Risk & Best Practice team members).
    • Finalising and publicising the plan to internal stakeholders.
    • Thereafter administering the plan, to include:
  • Arranging internal audits conducted by ISO consultants and other consultants as required.
  • Conducting internal audits assisted by the Risk & Best Practice Assistant, within available resources.
  • Communicating audit findings to stakeholders, including any remedial actions and associated deadlines.
  • Monitoring and follow up of audit findings, including the maintenance of the Opportunities for Improvement (OFI) register and ensuring that agreed audit recommendations are closed out in a timely way.
  • Monitoring and reporting on any risks to fulfilment of the plan.
  • Monitoring and reporting to the ISM in relation to expenditure against budget for the plan.
  • Updating the internal audit plan periodically in conjunction with the ISM and the DoR, taking into account any new or changed risks on the ERR/ORR, changes to existing certification standards, and any new or prospective certifications (such as ISO 22301).
  • Providing periodic updates on progress against the plan, including via Word and PowerPoint.
    • Organisation of internal training on internal audit, and associated communications so as to promote a better understanding within the firm of internal audit and the value it delivers to the business.
    • Updating policies and guidance on internal audit on the Know How database, and updating relevant links on the intranet.
    • Dealing with miscellaneous queries including emails and phone calls relating to internal audits and the internal audit plan.
    • Assisting in the file review process, to ensure that reviews are completed fully and on time.
Skills and Experience Required:
  • Previous experience of working in an internal audit team an advantage, but not essential. Likewise, a CIA (Certified Internal Auditor) qualification (including ISO 27001 Certified ISMS Lead Auditor) will be an advantage, but not essential.
  • Awareness of the key principles of Information Security and Best Practice (including ISO 27001, 9001 or Lexcel) an advantage, but not essential.
  • Awareness of running an ISO 14001 compliant environmental management system an advantage.
  • Ability to work in a careful, methodological way with excellent attention to detail and personal organisation to ensure that issues are followed through and closed out.
  • Good time management to effectively meet deadlines and complete audits on schedule.
  • Ability to manage changing day-to-day work pressures and to prioritise work appropriately (and reprioritise where urgent issues arise).
  • Ability to develop and build upon strong relationships with key stakeholders in the legal teams and Business Services.
  • Excellent written and verbal, communication skills.
  • Good awareness and understanding of IT software systems, specifically as they apply to professional service firms would be an advantage.
  • Strong communication skills, including oral communication, report writing and presentation skills.
  • Ability to take ownership of tasks and projects and manage own workload to meet deadlines, identifying any risks to agreed deadlines and addressing these proactively.
  • Ability to deliver work of a high quality, whilst ensuring that time allocated to particular tasks is proportionate.
  • Proactive, self-motivated and flexible approach, including:
    • positive, 'can-do' attitude
    • identifying when issues are urgent and should take priority
    • strong team player - supporting and helping others in the team
    • ability to work diplomatically, but effectively, with others in order to meet the Risk & Best Practice team's objectives
  • In dealings with any external third parties, being an effective ambassador and advocate for the firm, its culture and values.
  • Commitment to continuous learning and staying up-to-date with relevant changes to the ISO standards and other key law/regulation relevant to the role.
Work-life balance

Where possible, we want to offer all Bevan Brittan people flexibility to work their week in a way that suits them - we operate a hybrid working model based on the needs of our clients, teams and that of the individual. Our core business hours are 9am - 5:15pm Monday to Friday, however we are open to individuals working more flexibly around those times and would welcome a conversation with you if you have any questions.

We offer a substantial benefits package to all employees including:
  • A minimum of 25 days holiday (plus the option to buy up to an additional 5 days)
  • Discretionary bonus scheme
  • Generous pension scheme
  • Private medical insurance through Vitality
  • Biennial private health assessment through Nuffield Health
  • Life assurance
  • Access to Employee Assistance Programme
  • Cycle to work scheme
Responsible business

To us, being a responsible business is second nature; a core part of Bevan Brittan's identity, running through our culture and embodied by the clients we serve. We want to demonstrate our commitment to these causes through actions rather than words; colleagues from across the firm are already heavily involved, living and breathing the four pillars of our Responsible Business strategy:
  • Community Engagement -Each lawyer has the opportunity to undertake pro bono legal work for local charities and not-for-profit organisations. We also play an active role through our local office communities, in 2022 we fundraised and donated a total of £80,000 to our four regional office charities, with each charity receiving £20,000 to help fund their vital services.
  • Environmental Sustainability- Bevan Brittan is proudly a carbon neutral firm. We have achieved the UN's Climate Neutral Now accreditation and our environmental sustainability plan is focused on achieving our net zero carbon target.
  • Equality, Diversity & Inclusion- We have a strong and vibrant diversity programme that gives colleagues across the firm an opportunity to take part, led by our Equality, Diversity & Inclusion Committee and supported by our Ambassadors, who drive engagement in our strategy and raise awareness across the firm.
  • Wellbeing -We are proud of our open culture, where colleagues feel empowered to speak openly about physical and mental health issues and to seek out support when needed. We have trained 21 colleagues across the firm as Mental Health First Aiders and established a programme of initiatives including our informal 'coffee with' scheme.
Collectively, these four pillars ensure we look after our colleagues' wellbeing; offer an environment in which all can progress on merit, regardless of personal circumstances or background; give something back to the communities in which we work; and protect the environment.

Similar jobs

Similar jobs