Your search query
Function: Audit, Risk and Assurance
Reports to: Head of Technology Audit
Job Grade: PT1
Location: Colt House, London, UK (hybrid set up)
Role purpose
The Technology Lead Internal Auditor is primarily responsible for leading and/or participating in technology and security focused audits with support over technology control elements of financial and operational audit assignments. They will be responsible for evaluating the adequacy of Colt’s (Colt Core and DCS) overall control environment in both design and application, highlighting inefficiencies in processes and supporting the business in building a sustainable control environment. The Technology Lead Internal Auditor will also be responsible for assisting on ad-hoc special projects and completing audit projects in any of Colt’s locations. This role is a great opportunity to add value and develop expertise across technology, security, and transformation processes across multiple business units.
Key accountabilities
- Deliver and/or lead technology and security audit assignments across Colt locations in a timely and efficient manner, participating in all stages of the audit from planning, execution, reporting and follow-up
- Fully understand and communicate the impact of audit findings (including root causes and risks) to relevant key stakeholders. As technology and security can be complex, being able to communicate complex technical issues and ideas in simple terms is highly valued.
- Make value add recommendations to the business to improve controls, processes and overall governance
- Engage with stakeholders to obtain a comprehensive understanding of the business under review and the implications for audit
- Build trust and credibility with technology stakeholders throughout the audit process
- Maintain audit documentation in accordance with Colt audit methodology
- Provide coaching to junior staff members (e.g. graduates/apprentices) on audit methodology and practices, where applicable
Role specific requirements
Skills & Experience
- Experienced technology auditor (e.g. CISA, CISSP, ISO or CIMA qualification preferred but not essential)
- Some experience in using or planning data analytic based audits. Ability to analyse data and identify trends, think critically and solve problems using a high degree of intellectual curiosity and good judgement
- Over 3 years’ experience working in a technology and/or cyber security audit related role either as an internal auditor or in related auditing/assurance fields
- Good experience of controls on risk and assurance assignments, including greenfield audits
- Strong knowledge of audit techniques for technology and security (business and operational control and risk management, a bonus).
- Ability to operate in a flat organisational structure with direct exposure to senior management and Executives
- Strong communication skills, proactiveness, and competence to influence outcomes
- Work effectively with team members and the wider business to build partnerships.
IT Auditor
Technology business - US Listed
Central London - 5 days in the office a week
Minimal travel
This is an incredible opportunity for someone who is looking to join a driven, ambitious, sociable and high energy London employer!
Development and exposure is there for you to grab with both hands... it just needs you to have the will to learn.
This IT auditor role is part of a larger internal audit function of 6 people, and will report to the IT audit manager. You will shadow and work closely with a senior internal auditor and manager.
The work is varied, business value adding, and will see you helping the business withstand IT risk.
The ideal candidate will have:
- An interest and aptitude in IT audit, ITGC or data analytics.
OR, a Masters degree in Computer science and a willingness to develop quickly!
- Part qualified or keen to start a CISA
- Energy, enthusiasm and drive to learn
- Interest in coming to the office 5 days a week to learn, socialise, and be exposed to stakeholders... in turn, you learn a lot!
Salary is up to £50,000 plus bonus and benefits
Visa sponsorship will be considered if you are in the UK already
Internal
Role Profile
Job Title Corporate Governance – Finance Controls Advisor
Responsible to Corporate Governance Manager
Location Office Based (Hybrid 3:2)
Department Central Finance, Profit Protection, Risk & Control & Governance
Hay Grade D
This role profile is a guide to the work you will initially be required to undertake. It may be changed from time to time to incorporate
changing circumstances. It does not form part of your contract of employment.
Overall Purpose of the Role: To support the Corporate Governance Manager in strengthening and overseeing the finance control environment across UK & Ireland. The role will support the design, embedding, monitoring and assessment of the effectiveness of material financial controls aligned to Principal Risks disclosed in the Annual Report and Accounts, including those supporting key financial reporting processes (for example, order to cash, procure to pay, payroll, treasury and record to report).
Working in partnership with Finance leadership, process owners and shared service teams, the role will ensure controls are cl early owned, consistently operated, appropriately evidenced and subject to robust escalation where deficiencies arise. Governance standards will align with UK Corporate Governance Code Provision 29 and the broader SOX readiness roadmap.
The role reports into Corporate Governance. Ultimate control ownership remains with Finance leadership and relevant process owners.
Key Accountabilities Compliance - Finance Controls Governance
KPIs/Measures
• Ensure governance activity supports accurate, complete and timely financial reporting.
• Promote adherence to finance policies, controls standards and key regulatory obligations impacting financial reporting.
• Monthly finance control submissions completed within
agreed timetable • Actions tracked with clear ownership and due dates
• No overdue remediation beyond agreed tolerance
• Material finance control issues escalated in a timely
manner • Reduction in repeat control deficiencies
Relationship Management KPIs/Measures
• Build and maintain strong working relationships with Finance
leadership, process owners and shared service teams. • Provide constructive challenge where finance control standards
are not achieved. • Support education and awareness of finance control and SOX
readiness requirements across the business.
• Active participation in cross domain governance
forums • Positive feedback from Finance and Corporate
Governance stakeholders • Change actions implemented within agreed timelines
• Consistent documentation standards across domains
Internal
Finance Controls Programme
KPIs/Measures
• Design and maintain a documented framework of key finance controls across material financial reporting processes and key systems (including manual and automated controls).
• Develop and formalise finance control standards, minimum evidence requirements and documentation expectations to
support Provision 29 compliance and future SOX readiness. • Ensure controls are clearly owned, consistently operated and
appropriately evidenced across key processes including revenue, accounts receivable, accounts payable, payroll, fixed assets, inventory, treasury and financial close.
• Document control narratives, process flows and Risk and
Control Matrices to enhance clarity of design, accountability and audit readiness.
• Support implementation and governance of key preventative controls such as approvals, segregation of duties, reconciliations, management reviews and monitoring controls.
• Review periodic finance control submissions, assess compliance against agreed standards and track remediation actions to
completion.
• 100 percent of material finance controls formally documented and assigned to accountable owners
• Core finance policies and control documentation
maintained and subject to periodic review • Control execution and evidence submission completed
within agreed timetable • Key reconciliations completed and reviewed in line with
policy and close timetable
• Reduction in repeat control deficiencies across audit cycles
• Clear audit trail maintained for all material finance controls
Governance Monitoring & Reporting KPIs/Measures
• Develop and maintain monthly finance controls dashboards for review with Finance stakeholders.
• Lead structured monthly finance control review meetings with documented actions.
• Identify recurring themes and emerging finance risks, escalating
where appropriate.
• Finance controls dashboard submitted in line with agreed timetable and reporting standards set by the Corporate Governance Manager
• All actions logged with owner and due date • No action overdue beyond tolerance without escalation
• Accurate and complete input into Corporate Governance dashboard
• Thematic trends identified and escalated appropriately
Control Assurance and Effectiveness KPIs/Measures • Assess control effectiveness across finance control domains,
including manual and automated controls supporting financial reporting.
• Escalate material finance control deficiencies to the Corporate Governance Manager, with appropriate visibility to Finance leadership.
• Support Internal Audit and external assurance activity where required.
• Drive continuous improvement through automation, analytics and improved reporting.
• Material deficiencies escalated within agreed timeframe
• Root cause analysis completed for significant failures
• Remediation plans agreed within defined timeframe • Demonstrable improvement in finance control maturity
year on year
Audit & Assurance Oversight KPIs/Measures • Support the Corporate Governance Manager in acting as
primary governance liaison for Internal Audit reviews relating to
finance controls and ICFR / SOX readiness. • Coordinate control walkthroughs, evidence collation and
management responses as delegated, ensuring adherence to agreed timelines
• Review draft audit findings and management responses to
ensure root cause analysis is robust and remediation actions are proportionate
• Work with finance control owners and process owners to agree remediation actions, clear accountability and target dates
• Monitor progress of audit actions and escalate overdue or high-
risk items to the Corporate Governance Manager in accordance with governance framework
• Maintain an accurate central log of audit recommendations and status updates for reporting
• Support preparation for external audit or Provision 29 and
future SOX assurance reviews as required • Identify recurring themes from audit findings and propose
preventative improvements to strengthen control maturity
• 100 percent of Internal Audit actions tracked with no overdue items beyond agreed tolerance
• Audit evidence coordinated and provided within agreed timetable and meeting quality standards
• All significant findings supported by documented root
cause analysis and agreed remediation plan within defined timeframe
• Reduction in repeat findings across consecutive audit cycles through preventative action
• Clear monthly audit status reporting provided to Corporate Governance Manager
Internal
Person Specification
Leadership behaviours:
Can Do - Demonstrates resilience, sound judgement and the confidence to challenge appropriately.
Share Success – Supports stakeholders to understand control expectations and builds capability.
Passion for Quality - Maintains high standards of governance and follows through on actions.
Win through Teamwork – Builds collaborative relationships across Legal, Finance and Operations.
Embrace Diversity – Acts with integrity and promotes an inclusive compliance culture.
Essential • Professional qualification (e.g., ACA/ACCA/CIMA) or equivalent experience in finance controls, financial risk, audit or governance
• Knowledge of ERP environments (e.g., SAP) and the interaction between finance processes and systems • Experience within internal control frameworks such as SOX, ICFR or UK Corporate Governance Code Provision 29
• Experience documenting processes and controls (process narratives, flowcharts, Risk and Control Matrices) and assessing desig n and operating effectiveness
• Experience embedding and operating controls within operational or decentralised environments
• Strong stakeholder management and communication skills with the ability to provide constructive challenge • Ability to assess materiality and exercise balanced escalation judgement
• Strong analytical capability with attention to detail
• Proficient IT skills including Excel and reporting tools, with the ability to leverage automation and AI tools to improve eff iciency
Desirable • Experience working with AI Tools in particular. Copilot / ChatGPT
• Flowcharting - Visio
Key Contacts and Working Relationships • Corporate Governance Manager
• Finance Director / CFO and Finance Leadership Team
• Financial Reporting teams • Shared Services (e.g., Accounts Payable, Accounts Receivable, Payroll)
• Business process owners across Operations, Commercial and Supply Chain (for in-scope financial processes)
• ERP and Finance Systems teams (for controls enabled by systems and automation) • Corporate Governance peers across IT, Compliance and ESG
• Group Internal Audit
• External Audit and other assurance providers as required
• Risk and Compliance functions
Dimensions • Finance and financial reporting Principal Risks (including risk of material misstatement) • UK & Ireland operations
• Revenue £5+ billion
• Multi-site operational environment
Colleague Confirmation
Please sign and print name below to confirm receipt of your job description
Colleague Signature: _____________________________________________
Print Name: ____________________________________________________ Date: _________________________________________________________
Job Profile
|
Job title |
Senior Internal Auditor |
|
Business area |
Finance |
|
Reward level and salary |
D |
|
Scope of the role |
This is an exciting opportunity to join the Internal Audit & Risk (IA&R) team at M&S, working across diverse business areas both in the UK and internationally. You’ll play a pivotal role in reviewing the effectiveness of business processes, challenging and supporting improvements to the control environment, and adding value during ongoing transformational change. The role combines traditional audit delivery with a growing emphasis on data analytics, offering exposure to all commercial and functional activities. |
Key accountabilities, responsibilities, and measures
|
Audit Delivery
Data Analytics & Digital Audit
Audit Plan Development
Stakeholder Engagement
Continuous Improvement
Action Follow-Up
|
Key skills
|
|
Key relationships and stakeholders
|
|
OUR M&S CULTURE & BEHAVIOURS
Culture is the result of consistent behaviours. It’s what you see week in, week out, in how we work.
|
Job title |
Group Risk Analyst |
|
Business area |
Internal Audit & Risk, Finance Group, London |
|
Job purpose |
A great opportunity to work with different teams across M&S, reviewing the effectiveness of risk management activities, challenging, and supporting improvements to the control environment as well as adding value to the business during the significant ongoing transformational change.
The role of Internal Audit & Risk (‘IA&R’) is to provide independent and objective feedback to the Audit Committee and Business Leadership on key risks to the business and the appropriateness and effectiveness of mitigating controls. The functional remit is extensive and covers all commercial and functional activities. The team also provides consulting support to project teams on the design and implementation of business process controls and conducts investigations in the event of a significant control failure. |
|
Level & Grade |
C |
|
Reporting to |
Group Risk Manager |
|
Direct reports |
0 |
|
Scope of the role |
|
Key accountabilities & responsibilities
|
Risk Delivery
Stakeholder and Relationship Management
Continuous Improvement
Note that where capacity allows outside of risk delivery, there may be opportunity to support internal audit delivery, working with experienced internal audit colleagues. |
Key skills
|
Key relationships
|
OUR M&S CULTURE & BEHAVIOURS
Culture is the result of consistent behaviours. It’s what you see week in, week out, in how we work.
See below
Job Description
ABOUT US:
The Financial Controls and SOX Consultant will join an established team that oversees the timely delivery of a high-quality SOX programme in accordance with professional standards and Sportradar guidelines. Reporting to the VP, Financial Controls, the main purpose of this role is supporting the business to develop, implement and operate appropriate Internal Controls over Financial Reporting (ICFR). The role holder will work closely with key stakeholders across the organization and support the wider Financial Controls team to deliver critical targets and manage key systems.
The successful candidate will focus on maintenance of the current control framework. They will also oversee the execution, and ongoing operation of controls by 1st line of defence teams. Experience of working with internal control frameworks and associated activities would be an advantage. This role will work with the financial controls team and support other teams involved in internal control processes (SOX). It is critical that the role holder can communicate at all levels of the business, has the ability to understand complex processes and is enthusiastic to learn and progress in the business.
THE CHALLENGE:
- Working with key stakeholders to support them in delivering control documentation and supporting any control improvement initiatives.
- Support the development of Risk & Control Matrices (RACMs), process flowcharts and other required documentation.
- Assist with the documentation of relevant related policies and procedures.
- Support SOX scoping and planning exercises.
- Support the Business with implementing SOX controls for new in-scope entities, process changes, or acquisitions.
- Work together with IT to ensure the Group’s IT control framework meets SOX compliance requirements.
- Support the internal and external SOX audits, assisting with coordination of design walkthroughs and operating effectiveness testing. Monitoring and reporting on progress to Financial Controls Leadership.
- Support the Financial Controls team with the evaluation of control deficiencies identified by internal or external audit and work with control owners to establish remediation requirements.
- Assist with special projects (i.e. process improvements, system implementations and control re-designs).
- Support internal controls training and awareness initiatives developed by Financial Controls leadership.
- Perform other duties as assigned or as necessary.
ABOUT YOU:
- Bachelor’s degree or equivalent in business, accounting, finance, systems or related field.
- CCAB qualification (part-qualified would be considered)
- 3+ years of proven experience in working in a financial controls position (e.g. Internal Audit) within industry or with a Big4 company
- Working knowledge of SOX, COSO, financial and/or IT risks and internal control concepts and best practices
- Experience of using a GRC system (Auditboard/ Optro would be a bonus)
- Knowledge of Microsoft Dynamics and/or OneStream a plus
- Fluency in English required (written and spoken); German is a plus
- Strong written and interpersonal skills
- Proven ability to thrive in a creative, dynamic, fast-paced environment, and work both independently and in a team environment, shifting between the role of an individual contributor, team player, project manager, and strategist
- Availability to work in our City of London office for 3 days per week at minimum
- A passion for sports and innovation is a big bonus!
While we appreciate the flexibility and benefits of working from home, we strongly believe that coming together in person fosters stronger connections, encourages collaboration, and drives innovation—both as individuals and as a company. The energy, shared ideas, and team support we experience in the office strengthen the foundation of our success and culture. For this reason, we are an office-first business operating on a hybrid model, with team members working in the office three days a week to build relationships, exchange ideas, and grow together.
Technology Risk Associate Director- London / Manchester / Bristol / Reading / Birmingham
£100,000 - £120,000 + excellent package + benefits.
Candidates will need to hold right to work and undergo extensive security clearance.
70% delivery / 30% business development
CISA qualified - essential
We have a very exciting new opportunity for a very niche role this time at the AD grade, are you a candidate who experience with Internal Audit from a technology perspective.
This time we are looking at the Associate Director grade which has come about due to business growth and report to an amazing Director & Partner who are both bubbly, warm and friendly.
This role is largely remote and working from home, but please note there is travel to client site depending on client needs due to it being a client facing role!
This is a very exciting chance for you to join a fast, growing business with great culture and requires an expert in this area!
Candidates must be exposed and have experience with:
- A strong understanding of Internal Audit or Risk and Controls
- Cyber Assurance
- ISO 27001
- Experience of IT audit, end to end process
The ideal candidate based across the following regions:
- London
- Scotland
- Manchester
- Birmingham
- Bristol
Email me at Sheena@astrumsearch.com!
CONFIDENTIAL
Job Title Group Internal Controls Manager Location Chertsey Head Office Reporting to Head of Financial & ESG Controls
Role Overview The Group Internal Controls Manager plays an important role in supporting the design, implementation and embedding of a robust SOX-like internal controls over financial reporting (ICFR) across Compass Group. Compass Group aims to operate a robust UK Corporate Governance Code control environment and as part of this seeks to achieve control standards aligned with US SOX over its ICFR. This role will be at the forefront of this ambition, supporting the evolution of the Group’s ICFR framework in a proportionate and scalable way. The successful candidate will bring recent, hands-on experience implementing, operating and/or auditing strong (including SOX) frameworks, and will apply this expertise to help elevate the Group’s internal control maturity across a large, decentralised global organisation. Operating as part of the Group Second Line of Defence, the role partners closely with countries, head office functions, Internal Audit and External Audit to ensure controls are appropriately designed, documented, tested, remediated and governed in line with UK Governance Code, SOX and ICFR expectations. Key Responsibilities ICFR Framework enhancement • Support the implementation and enhancement of financial controls to align with a SOX-style
ICFR framework across Compass Group. • Support the design of risk assessments, scoping methodologies, materiality thresholds and
control rationalisation. • Support the development and maintenance of Risk and Control Matrices (RACMs) aligned to
best practice (SOX standards). • Drive consistent application of best practice concepts such as key controls, Information
Produced by the Entity (IPE), IT-dependent controls, entity-level controls and management review controls (MRC).
• Document end-to-end process flows to support risk identification, control design, testing and audit requirements
Embedding Controls • Work hands-on with countries and head office functions to understand processes, facilitate
standardisation, and embed best practice (SOX style) controls into end-to-end financial processes.
• Provide expert challenge and guidance to process and control owners on design, documentation and evidence standards.
• Translate technical requirements into clear, practical guidance suitable for a decentralised operating model.
CONFIDENTIAL
• Build strong control capability across the business through training, coaching, sharing of best practice and knowledge sharing.
Testing, Deficiencies & Remediation • Perform testing of design and operating effectiveness of key controls. • Review testing performed by the business, ensuring alignment with best practice including
SOX methodology. • Assess deficiencies including severity evaluation (deficiency, significant deficiency, material
weakness). • Perform root cause analysis and support the design of robust remediation plans. • Track remediation progress and ensure timely and sustainable closure of control issues.
Audit & Governance • Act as a key UK Governance Code, SOX and ICFR liaison with internal audit and external
audit. • Contribute to bi-annual controls compliance reporting & review. • Support governance and controls reporting to key stakeholders.
Skills & experience • Recent, hands-on experience implementing, operating and/or auditing SOX 404 internal
controls. • Strong working knowledge of UK Governance Code and SOX methodologies including
scoping, risk assessment, key control identification, IPE, sampling, testing and remediation. • Experience working with external auditors on controls audits or readiness programmes. • Strong understanding of core financial processes (Record to Report, Order to Cash, Procure
to Pay, Hire to Retire). • Strong stakeholder management skills with the ability to influence and challenge
stakeholders. • Pragmatic mindset with the ability to apply rigour proportionately. • Professionally qualified accountant (ACA, ACCA, CIMA or equivalent). • Background in SOX compliance, Internal Audit, External Audit or Risk Assurance.
What This Role Offers • Opportunity to support the enhancement of a robust UK Corporate Governance Code
control environment to achieve control standards aligned with US SOX in a FTSE 20 global organisation.
• High visibility with senior stakeholders. • Ability to help shape the Group’s ICFR framework and long-term SOX roadmap. • International exposure and strong professional development opportunities.
- Group Internal Controls Manager
- Job Title
- Role Overview
- The Group Internal Controls Manager plays an important role in supporting the design, implementation and embedding of a robust SOX-like internal controls over financial reporting (ICFR) across Compass Group.
- Compass Group aims to operate a robust UK Corporate Governance Code control environment and as part of this seeks to achieve control standards aligned with US SOX over its ICFR. This role will be at the forefront of this ambition, supporting the evolu...
- The successful candidate will bring recent, hands-on experience implementing, operating and/or auditing strong (including SOX) frameworks, and will apply this expertise to help elevate the Group’s internal control maturity across a large, decentralise...
- Operating as part of the Group Second Line of Defence, the role partners closely with countries, head office functions, Internal Audit and External Audit to ensure controls are appropriately designed, documented, tested, remediated and governed in lin...
- Key Responsibilities
- ICFR Framework enhancement
- Embedding Controls
- Testing, Deficiencies & Remediation
- Audit & Governance
- Skills & experience
- What This Role Offers