In accordance with its Charter, the Office of the Inspector-General (OIG) provides oversight of FAO’s programmes and operations through internal audit and investigation. The Internal Audit Branch (OIGA) carries out assurance and advisory activities designed to add value and improve the organization's operations by bringing a systematic, disciplined approach to evaluating and improving the effectiveness of risk management, control and governance processes. The Branch conducts its work in accordance with the International Professional Practices Framework (IPPF), including the Code of Ethics and the International Standards for the Professional Practice of Internal Auditing, promulgated by the Institute of Internal Auditors (IIA) and adopted by the Internal Audit Services of the United Nations agencies.
The post is located in the Internal Audit Branch (OIGA) of the Office of the Inspector-General (OIG) at FAO headquarters in Rome, Italy.
Reporting Lines:
The Internal Auditor (Information Technology) reports to a Senior Auditor (Head of Unit), OIG.
Key Functions:
Participates in and/or provides specialist expertise to multidisciplinary audit teams and/or project, programme and operational reviews.
Plans and conducts audit assignments, from the initial planning, information gathering and interview stages to the final analysis and report writing stages, in accordance with internal procedures and auditing standards.
Prepares using TeamMate, electronic working papers that support audit observations and recommendations.
Prepares clear and concise draft reports and presents audit results and recommendations orally to the Inspector General and to management.
Participates in capacity development activities and provides on-the-job training to other audit staff.
Contributes to maintaining and updating the FAO Internal Audit Manual.
Performs other duties as required.
Specific Functions:
Contributes to the assessment of information technology risks in FAO.
Plans and conducts information technology audit assignments in accordance with internal procedures and auditing standards.
Provides advice on information technology governance, risks and controls.
Provides support in meeting OIG's requirements for audit-related informatics and digital transformation.
Candidates Will Be Assessed Against The Following:
Minimum Requirements:
Advanced university degree in audit, information systems, computer science, data science, business or public administration, finance, accounting, economics, law or a related field (candidates holding a first level university degree in the above-mentioned fields may also be considered if possessing two additional years of relevant work experience in information technology audit or information technology process improvement and a certification from an internationally recognized auditing and accountancy body such as CIA, CPA, ACCA or equivalent).
Five years of relevant experience in information technology audit or information technology process improvement in an organization using modern auditing techniques, tools and information systems (e.g. internal audit department in the public or private sector, or an auditing or consulting firm).
Working knowledge (proficient – level C) of English and limited knowledge (intermediate – level B) of another official FAO language (Arabic, Chinese, French, Russian or Spanish).
Technical/Functional Skills:
Work experience in more than one location or area of work, particularly in field positions.
Work experience in an international setting is desirable.
Professional certification such as Certified Information Systems Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT), Certified in Risk and Information Systems Control (CRISC), ISO 27001, Information Technology Infrastructure Library (ITIL) or IT Project Management is desirable.
Extent and relevance of experience in performing information technology audits, providing advice on information technology governance, risks, delivery and/or control aspects (e.g. information technology security, data protection, information technology service management, information technology projects, information technology systems, technological innovation, etc.).
Knowledge of information technology governance, risk and control concepts.
Demonstrated ability to identify issues, collect and analyse information and develop recommendations and/or solutions
Knowledge in data analysis techniques and tools.
Demonstrated experience and ability in report-writing in English.
Professional certification from an internationally recognized auditing and accountancy body such as CIA, CPA, ACCA or equivalent is an advantage for candidates possessing an advanced university degree.
Professional certification in data management, data analytics or data science would be an advantage.
Experience in using programming languages such as Python, JavaScript or Structured Query Language (SQL) would be an advantage.
Familiarity with specialized audit software is considered an asset.
