Petrofac
Petrofac

Deputy Head of Internal Audit & Enterprise Risk

Job Overview

Petrofac is a leading international service provider to the energy industry, with a diverse client portfolio including many of the world’s leading energy companies.

 

We design, build, manage and maintain infrastructure for our clients. We recruit, reward, and develop our people based on merit regardless of race, nationality, religion, gender, age, sexual orientation, marital status or disability. We value our people and treat everyone who works for or with Petrofac fairly and without discrimination.

 

The world is re-thinking its energy supply and energy security needs; planning for a phased transition to alternative energy sources. We are here to help our clients meet these evolving energy needs.

This is an exciting time to join us on this journey.

 

We support flexible working requests and have adopted a hybrid approach for most of our office-based roles. We ask employees to be present in the office at least three days per week.

 

Are you ready to bring the right energy to Petrofac and help us deliver a better future for everyone?

 

JOB TITLE: DEPUTY HEAD OF INTERNAL AUDIT & ENTERPRISE RISK

 

KEY RESPONSIBILITIES:

  • The role holder will support the Group Head of Audit and Enterprise Risk and plays an instrumental role in the governance structure of Petrofac helping Petrofac achieve its strategy by providing independent assurance and advice, driving innovation and influencing change to enhance risk control processes, as well as improving accountability for results.
  • The role holder will bring best practice to the function, bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management.
  • The role holder must understand the business and is able to balance the highest professional standards with a flexible pragmatism and business-focused approach.
  • The role holder will support the Group Head of Audit and Enterprise risk to build and maintain strong relationships with relevant stakeholders including Chief Financial Officer, Chief Executive Officer, General and financial management of the business, Other corporate functions (legal, compliance, etc) and External auditors.
  • The Role holder will develop and lead an Internal Audit and Enterprise Risk team which focuses on control of risks and is seen to be relevant and impactful across the business.
  • Lead a portfolio of audits which are identified at the beginning of the year, which the ‘DHA & ER’ is accountable for planning and delivering with limited supervision.
  • Working with the Group Head of Audit and Enterprise Risk to identify and agree the relevant portfolio of audits from the Audit Programme.
  • Schedule the audits with the business with respect to timing, location and key points of contact.
  • Actively manage a range of sustainable senior business relationships to support development of the audit programme and delivery of the portfolio of audits.
  • Manage the allocation of Internal Audit resources across the audit programme, including agreeing Audit Leads, resolving resource conflicts and identifying requirements for 3rd party support.
  • Direct the end-to-end delivery of each audit (Scoping, Planning, Execution, Reporting and Closure) in line with Group Internal Audit methodology, coordinating the Audit Lead, rest of the audit team and the business.
  • Coach Audit Managers/Portfolio Managers/Audit Leads and Team Members in delivery of audit work.
  • Monitor and report on progress of portfolio of audits and using judgement intervene on audits where required and escalate to Group Head of Audit and Enterprise Risk as appropriate.
  • On an “as needs” basis directly support delivery of audits through performing audit work where the team lack the capacity or capability to complete.
  • Annual Audit Programme planning – the ‘DHA&ER’ will lead or directly support the development of the Annual Audit Programme, including identifying risk-based audits in their area of expertise/business.
  • Manage Group Internal Audit functional processes including monitoring and reporting of audit delivery, validation of management actions, trends in audit findings and reporting to the business.
  • Manage the verification of Agreed Management Actions for Findings from their audits.
  • Prepare relevant sections of quarterly reports to Management and the Board (e.g. ExCom and the Audit Committee). This could include updating data, writing sections of reports, developing insights and themes etc.
  • Support the Group Head of Audit and Enterprise Risk, where relevant at Group Executive Committee (ExCom) and Audit Committee meetings.
  • Internal Audit continuous improvement/Transformation activities – lead the development of the programme and complete assigned activities.
  • Business Relationships – hold relationships with a range of people (up to and including the ExCom and as relevant with Audit Committee members) in the business both written and verbal to help facilitate Group Internal Audit access to information and people, develop the Annual Audit programme, deliver portfolio of audits and identification of risk-based audits for future years.
  • Live the Petrofac Values and operate to the highest ethical standards – we access confidential information and are visible across the Group, so we must operate to the highest standards.
  • Actively support the Group Head of Audit and Enterprise Risk in governance and Management of Enterprise Risk Management Framework/System.
  • Accountable for development of Principal Risk Report – quarterly reporting with input from the risk coordinators/owners and submissions to Board Audit Committee and relevant ExCom.
  • Provide good practice governance on the Proposals Review – Support ExCom review of relevant proposals in line with requirements of Group – Delegated Authority Matrix (DAM).
  • Group DAM – accountable for identifying required changes to DAM, including business and ExCom requested changes, and drafting updates for ExCom then Board review and approval.
  • Policies and Standards – accountable for managing finalisation and review of Group Policies and Standards. This includes review of new Policies/Standards, nominal annual refresh and risk coverage.
  • Risk Appetite – accountable for annual review of risk appetite and statement, agreeing any changes with ExCom and then with the Audit Committee.
  • Control Self-Assessment process – accountable for managing the process and reporting results to relevant ExCom and then to the Audit Committee.
  • Annual Report and Accounts – accountable for drafting risk section of annual report.
  • Business Planning – accountable for embedding risk in annual planning process.
  • Support the Group Head of Audit and Enterprise Risk in relevant Committees of the Board, ExCom, etc. for matters relating to Enterprise Risk.
  • Actively build and maintain strong relationships/partnership with various stakeholders in the Business at all levels (up to and including ExCom and other Committee members, as relevant) to help facilitate successful conduct of Enterprise Risk functions remit.
  • Live in conformance with the Petrofac Code of Conduct and Values with high ethical standards, commitment, and integrity.
  • Continuous improvement of Enterprise Risk function processes aligned with good practice.
  • Support the Group Head of Audit and Enterprise Risk in delivering the Audit Programme and Enterprise Risk function remit within the scheduled time and budget.
  • The Role is required to provide leadership to analyse large volume of information (commercial, financial, operational) and use professional auditor’s judgement to arrive at fact based logical conclusions for Audit reporting in an objective and independent manner.
  • Similarly, there will be a need to assimilate large volumes of risk information and distill the key risks and present the risks, controls and mitigants through the Enterprise Risk framework, thereby aiding strategic decision making in the organisation.

 

ESSENTIAL QUALIFICATIONS AND SKILLS:

  • Internal Audit and Enterprise Risk Management methodologies, tools and techniques.
  • Versatile and seasoned auditor/investigator/ Risk professional.
  • Business Knowledge – expertise in E&C, and oil & gas and/or the technical functions that support them, operating in Petrofac key geographies.
  • Emerging risk and controls, such that risk-based programmes can be developed, via own knowledge, network, industry bodies and internal stakeholders.
  • Functional knowledge – expertise in some of the key support functions e.g. Finance, HR, IT, Legal, Tax, Compliance, Company Secretary, Enterprise Risk etc.
  • Industry knowledge – knowledge of how Petrofac’s competitors, clients and contractors operate.
  • Strong knowledge and understanding of business risks across Petrofac.
  • Knowledge of regulatory and corporate governance requirements under the UK and USA laws relevant to Petrofac Business around the world.
  • Knowledge of BS ISO 31000 and Good Practice Risk Management Frameworks.
  • UK Governance code requirements – as UK listed company.
  • Data-rational individual able to deal with detail-focused engineers.
  • Experience interacting with and presenting to an Audit Committee of the Board of Directors will be an advantage.
  • Exposure to international, complex and culturally diverse environments, with experience of frequent travel.
  • Suitably qualified internal audit and risk management practitioner – Graduate (e.g. Engineering, Law, Accounting, Business), preferably with second degree e.g. MSc, MBA, , to have relevant understanding across the broad range of risks e.g. accountant with engineering training, engineer with finance training etc.
  • Professional qualification, for example Member of the Institute of Internal Auditors, chartered or certified accountant, bar association membership, IT certifications, chartered engineer, Financial Risk Manager, Member of Institute of Risk Managers, Chartered Risk Management Professional, Certification in Risk Management Assurance, willingness to attend certification courses in Internal Audit and Risk Management.
  • Formal training in interpersonal skills and awareness of own strengths, weaknesses, biases etc. audit and risk is an advisory/governance role that often has to deliver hard messages with tact, force and independence.
  • Leadership skills – deputise for the Group Head of Audit and Enterprise Risk in leading the Internal Audit and Enterprise Risk function as relevant and per requirement.
  • Internal Auditing, risk and controls. Understanding of the business.
  • Fact based and attention to detail – comfortable operating in a detailed, fact-based environment.
  • Analytic skills – ability to apply clarity of thought to audit work.
  • Sound judgement – ability to identify issues that need further testing and understanding of own limitations/when to consult.
  • Report writing- strong written English skills.
  • Gravitas and credible – ability to be credible in business discussions up to ExCom level, some of which will be challenging.
  • Managing diverse relationships – across different parts of the business in support of audit delivery.
  • Strong Organisational Skills and drive.
  • Ability to prioritise workload and deal with conflicting priorities.
  • Internal Audit and/or other relevant experience gained in Petrofac and/or other relevant companies or professional services firms (eg: KPMG, Deloitte, EY, PwC, et al and other Risk Consulting organisations).
  • Experience of working in the business either in the first or second line of defence would be an advantage.
  • Experience of working in different geographies and multicultural organisations.
  • Broad experience across a number of companies/sectors so you know what good practice looks like.

#LI-TG1