Antecedentes

The IT Audit Adviser will take the lead in designing and implementing OAI’s IT audit approach for headquarters and the field. Specifically, the responsibilities of the IT Audit Adviser will include: performing IT audit risk assessments and maintaining the IT audit risk universe of UNDP up-to-date; creating risk-based IT audit plans in consultation with the relevant stakeholders and the OAI management team; implementing comprehensive IT audits in compliance with relevant Professional Standards and guidance; and managing and supervising the IT audit services that are delivered by specialized IT professionals or firms to OAI. The IT Audit Adviser will also design, maintain and monitor the implementation of audit procedures that cover UNDP IT-related risks in the field and to be applied by OAI auditors during their field missions. To this effect, the IT Audit Adviser will be required to maintain coordination and consultation with the Chiefs and staff of the five RACs. Occasionally, the IT Audit Adviser will be required to undertake audit missions in the field, in some instances this could be to a duty station with hazardous conditions.

In addition, the IT Audit Adviser will lead and manage the provision of IT audit services, either directly or through providers of IT audit services, to affiliated entities such as UN Volunteers, United Nations Capital Development Fund, United Nations Office for South-South Cooperation, Multi-Partner Trust Fund Office and UN Women. The IT Audit Adviser will lead the provision of advice to OAI and to UNDP management on IT-related governance, risk management, security, controls and other relevant areas.

Deberes y responsabilidades

• As the lead for OAI IT audit approach, performs IT audit risk assessment and update IT audit risk universe and IT audit-related Standard Operating Procedures. 
• Closely coordinates and consults with the Chiefs of audit units in OAI on IT risks and related audit procedures in the field and at Headquarters.
• Coordinates with central UNDP IT and communication services to stay up-to-date on emerging IT policies and systems and to exchange lessons learned on related area.
• As an IT audit team leader, plans, organizes, manages, undertakes, reports on and assumes accountability for achieving the IT audit objectives and results, in accordance with accepted auditing standards, guidance, and OAI internal policy guidelines.
• Assesses the team’s overall performance in a participatory manner. Provides direction, guidance to team members ensuring effective team functioning. Follows up on the implementation status of audit recommendations, and, when applicable, advises the relevant supervisor of problem areas.
• Supervises and provides technical guidance to the IT Associate in charge of administering and maintaining audit-related software used by OAI staff.  This includes a web-based electronic audit working paper software (currently Paisley GRC) that is hosted offsite and a web-based database (developed in-house) for following up on audit reports and recommendations.
• Manages and supervises the services of IT experts hired by OAI to assist in audits or investigations.

• Designs an IT audit approach that supports and makes a strategic contribution to the evolving IT needs of the organization.
• Contributes to ongoing development of professional practices within OAI and stays abreast of developments in the IT audit field and the internal audit profession generally.
• Formulates audit recommendations that strengthen IT-related strategic thinking in UNDP emphasizing areas on governance, risk, security and corporate controls. 
• Builds partnerships with other IT Audit functions in UN organizations.

• Assesses the adequacy and effectiveness of IT-related governance, risk management, security and internal controls and compliance with policies and procedures. 
• Identifies and convincingly communicates with clients, in writing and verbally, to draw attention to IT-related risks, weaknesses and strengths and to facilitate decision-making.
• Provides clients with advice on IT-related governance, risk management, security, controls and other relevant areas. Documents best practices for knowledge sharing.
• Provides input and advice on UNDP initiatives in IT-related systems and controls.  
• Supports OAI management and staff on IT audit matters.  This would include (a) guidance on UNDP IT policies, systems and controls; (b) guidance on IT audit policies, procedures and standards, (c) building and/or running queries for data extraction; and (d) occasional IT forensic services which could include digital data preservation and analysis, database examination and data recovery.
• Conducts special assignments on an ad hoc basis including management reviews, consulting assignments, special audits and training workshops.
• Contributes to and advises on corporate initiatives such as redesign of financial regulations and rules and IT security policies, design of major automated systems or streamlining UNDP business processes. 
• As the need arises, undertakes missions to UNDP business units and affiliates’ offices around the world, which may include areas with hazardous working conditions.

• Participates in the implementation of his/her personal learning and training development plan.
• Performs other assignments or tasks as determined by the OAI Senior Management.

Competencias

• Demonstrates integrity and fairness
• Display cultural sensitivity
• Shows strong corporate commitment
• Complies with UNDP regulations, rules, and code of conduct

• Motivates and coaches team members
• Embraces extra responsibility
• Build team morale & consensus
  

• Produces timely, quality outputs
• Exercises sound judgment/analysis
• Develops creative solutions
• Ability to handle multiple tasks

• Writes clearly and convincingly
• Speaks clearly and convincingly
• Has good presentation skills
• Listens actively and responds effectively

• Actively builds deep knowledge in one or more areas
• Makes valuable practice contributions
• Applies existing knowledge to work
• Provides advice & support to others

• Provides constructive coaching and feedback
• Acts as long-term mentor for others
• Acts on personal development plan

• IT risk assessment
• IT audit universe
• IT audits
• IT forensic services
• Special audits
• Advisory services

• Strong knowledge of Windows operating system.  Additional knowledge of Linux and/or Mac an advantage
• Strong command of Microsoft office suite
• Strong command of Standard Query Language (SQL)
• Good knowledge of Enterprise Resource Planning systems (preferably PeopleSoft and/or Oracle)
• Good knowledge of computer assisted audit techniques (ACL or IDEA)
• Knowledge of Microsoft SharePoint is desirable
• Familiarity with electronic working paper software. Knowledge of Paisley GRC is desirable
• Understanding of computer forensic tools such as EnCase, Forensic toolkit (FTK) and/or Autopsy is desirable

Habilidades y experiencia requeridas

• Advanced university degree in Computer Science, Accounting, Audit, Business Administration, Commerce or related field. 
• A first level degree in combination with a certification as Chartered Accountant or Certified Public Accountant may be accepted in lieu of an advanced degree.
• Professional certification in IT systems and software is required (CISA, SSCP, ISO 27001 Lead Auditor ISMS, or equivalent).  
• Additional professional certifications (ACCA, CPA, CIA, CFE) or in accounting are an advantage. 

• A minimum of 10 years of professional experience in IT systems and controls several of which in IT audit or IT forensics. 
• Familiarity with accounting, internal audit or financial audit is an advantage.
• Experience in auditing an environment that relies on an enterprise resource planning system is desirable.
• Working experience in an International Organization is desirable.

Language skills:

• Fluency in English.
• Knowledge of additional United Nations official languages is an advantage.

FC: 11000