They don't come much bigger. At the Australian National Audit Office (ANAO) you could be conducting IT audits on the Department of Defence, the Australian Taxation Office and other organisations that are among the largest spenders on IT systems in Australia. It's challenging work that comes with big rewards in terms of prestige, satisfaction and working conditions.

The use and adoption of emerging technologies typically makes a big impact in any environment. The fascinating aspect of our IT Audits work is to identify and assess the risks that these technologies present when adopted by our Public Sector clients.

While our focus is conducting technical audits over networks, operating platforms and database management systems, we also provide professional, technical consultancy on the risks and controls of the technologies. The diversity of our client base and our use of computer-aided audit support systems, all make for an interesting job to apply your technical abilities.

Roles, requirements and responsibilities

Job Requirements

To be considered for an IT Audit position at the ANAO, you will require the following:

  • Degree or higher qualification in Information Technology, Information Systems, Information Management considered relevant by the delegate;
  • Excellent IT technical and/or IT audit skills; and
  • Australian Citizenship.

More senior positions also require:

  • Good appreciation of the impact of IT on key business processes; understanding of auditing standards and relevant IT standards;
  • Good knowledge of audit risk methodologies, benchmarking practices and best practice frameworks such as CobiT and ITIL; and
  • Demonstrated skills in project or task management including planning, leading and managing technical IT audits.

Roles and responsibilities

IT Auditor (Team Member - APS Level 4)

You will undertake audits of a low to medium level of complexity, according to established plans either individually or as part of a team. The main tasks revolve around the documentation of accounting and business systems, identification of key controls, conducting audit tests and drafting reports.

Under the broad supervision and guidance of the Director/Senior Director, positions at this level:

  • Either individually or as part of a team, undertake IT audits (both performance audit and financial statement audit) in accordance with an approved plan;
  • Provide assistance in the conduct of IT audits;
  • Provide professional or technical support;
  • Contribute to drafting audit strategies/reports; and
  • Contribute to the maintenance and enhancement of client relationships.

IT Auditor (Team Member - APS Level 5)

You will undertake audits of a low to medium level of complexity, according to established plans either individually or as part of a team. The main tasks revolve around the documentation of accounting and business systems, identification of key controls, conducting audit tests and drafting reports.

Under the broad supervision and guidance of the Director/Senior Director, positions at this level:

  • either individually or as part of a team, undertake IT audits (both performance audit and financial statement audit) and ensure the delivery of audit products;
  • Provide high level assistance in the conduct of all phases of an IT audit including:
    • Integrating the role of IT audit in performance and financial statements audits; and
    • Drafting timely reports that are credible and reflect sound judgement and evidence gathering techniques.
  • Provide professional or technical support;
  • Assist in drafting IT audit strategies/reports; and
  • Contribute to the maintenance and enhancement of client relationships.

Senior IT Auditor (Team Leader - APS Level 6)

In addition to leading a small team and the management of discrete programs, you undertake more complex and higher risk audits. You are responsible for drafting audit strategies, the preparation of reports and discussing findings with clients. An additional important responsibility is the development of less experienced staff.

Under the broad supervision and guidance of the Director/Senior Director, positions at this level:

  • Play a lead role in completing IT assignments (both performance audit and financial statement audit);
  • Manage IT assignments and provide high level assistance in the conduct of IT audits;
  • Provide significant professional or technical support;
  • Assist in preparing IT audit strategies and reports;
  • Contribute to continuous improvement in methodologies and work practices; and
  • Supervise and assist in the professional development of less experienced staff.

Director (Executive Level 1)

You take on responsibility for leading and managing a work area that is strategically important, or of moderate to high risk. You are involved in high level audit planning, investigation and reporting, project management and resource management for less complex and lower risk level audits. You are also responsible for the development of your staff, and take part in the development of strategic solutions for the Assurance Audit Services Group, including business and operational plans. Director level employees are required to manage client relationships and develop professional relationships with Parliamentary Committees, Client Audit Committees and other senior stakeholders.

Under the broad guidance of the Executive Director/Senior Director, positions at this level:

  • Contribute to the management of teams responsible for undertaking IT audit assignments (performance and financial statements audit)
  • Make a contribution to the achievement of corporate objectives
  • Assist in the formulation of IT Audit business and operational plans
  • Provide a high level of professional and technical advice on a range of IT audit issues
  • Raise awareness of IT issues for performance and financial statements audits
  • Manage internal and agency relationships
  • Mentor, guide and support professional development of staff.

Senior Director (Executive Level 2)

You take on the responsibility for leading and managing work areas that are most strategically important, and/or of highest risk. You will be involved in high level audit planning, investigation and reporting, project management and resource management for more complex and higher risk level audits. You are also responsible for the development of strategic solutions for the Assurance Audit Services Group and formulating business and operational plans. You will develop and mentor staff, manage client relationships and develop professional relationships with Parliamentary Committees, Client Audit Committees and other senior stakeholders.

Under the broad guidance of the Executive Director, positions at this level:

  • Lead and manage a work area responsible for undertaking IT audit assignments (both performance and financial statements audit);
  • Assist with the strategic management of the work area and the development of strategic solutions;
  • Formulate business and operational plans for the work area;
  • Provide significant professional and technical advice on a range of IT audit issues;
  • Contribute significantly to the setting and achievement of organisational objectives;
  • Raise awareness of IT issues for performance and financial statements audits;
  • Manage client relationships; and
  • Motivate, guide and develop professional development of staff.

Meet your workmates

Edwin Apoderado

I have worked in the IT industry for several years and was working as a management consultant prior to joining the ANAO in 2007. I made the transition to the ANAO as it had a reputation for performing interesting work that was high-impact and the organisation was highly recommended by friends and mentors. I was amazed after the first few days by the intelligence and insight of the people I talked to and by their commitment to getting the job done.

The ANAO provides the variety of work, similar to my previous consulting roles. I have had the opportunity to work on audits of large departments such as Defence and ATO, which have some of the most complex systems in Australia. My engagements have included assessments of: large-scale mainframe environments; complex logistics, taxation and payment systems; IT governance; system integration and consolidation projects; whole-of-government initiatives; and biometric and risk profiling applications. The exposure to different clients and systems provide the ideal platform for becoming a complete business professional.

In addition to the variety of work, I have also been impressed by the opportunities to work with very qualified and thoughtful people who bring the spirit of collaboration to what they do. I have worked in different sized teams and with a range of experts, such as ex-CIOs, system architects, and mainframe and security specialists. I am amazed at the quality of the people inside the ANAO and the calibre of the thinking that goes into identifying solutions. The ANAO also gives me opportunities to work with senior people in the public sector, including exposure to emerging issues and upcoming innovations across several business areas. The ANAO brand really opens the doors to collaborating with talented people in both public and private sectors.

The ANAO's commitment to people is another aspect that I admire. From the assessment process through to learning and development, the ANAO focuses on growing its staff and building internal capability. The ANAO is supportive of further study and will provide financial support to help achieve further qualifications. The ANAO also provides an environment that encourages a good work-life balance. I value my time with my family and I am not expected to work long hours or throughout my weekends. I am privileged to be a part of such a great organisation that has exciting work, great people and a supportive work culture.

Lesa Craswell

I have worked for the private sector and public sector. I have gained experience through working in a variety of positions in the IT industry, utilising a wide range of skills. Working at the ANAO was suggested to me as a way to utilise all the skills I had learned.

Since joining the ANAO I have worked as a team member, a Team Leader and an IT Audit Manager. There have been plenty of opportunities to advance my career. I was the IT Audit Manager for the Australian Taxation Office financial statements audit and I have been the IT Audit Manager for the Department of Defence and Defence Materiel Organisation financial statements audits. These audits are large and diverse and have many interesting aspects to learn and review.

I have also had the opportunity to work on performance audits in a number of government agencies. My contributions to audits have been recognised through positive feedback from both colleagues and clients. I have found being able to actively contribute to enhancing public sector effectiveness and efficiency very rewarding.

The ANAO places an emphasis on learning and development and I have been able to attend a number of interesting courses. Some courses have been very technical in nature, while others have assisted me in my career development and progression.

The ANAO has also provided me with the opportunity to travel around Australia performing audit work. I have also been able to participate in secondment and exchange programs to New Zealand and Canada.