Skip to main content
100 years and 57 days since the five-day weekRead the story
UNICEF UK logo
UNICEF UK

Head of Risk and Internal Audit

4 x 9hr days£75kHybrid · London, UK

Duration:  Permanent

Salary: £75,000 per annum

Job Level: Level 2

Hours: 35 hours per week.  Part time and other flexible working arrangements will be considered.

Disclosure Level: Basic . This role involves no direct or indirect work with children

Reports to: Chief Operations Officer

Location: Hybrid – working from home and two days a week at 1 Westfield Avenue, London E20 1HZ

At the UK Committee for UNICEF (UNICEF UK), we work alongside partners and communities to help realise children’s rights and build a better world for every child. We are committed to an inclusive workplace where people feel valued, supported, and able to thrive – connected by shared values, a sense of purpose and a collective commitment to making childhood unstoppable.

Our work is guided by the UN Convention of the Rights of the Child (UNCRC) and the Sustainable Development Goals (SDGs), which recognise the universality of children’s rights.

ABOUT THE ROLE

The Head of Risk and Internal Audit ensures UUK plays a vital role in ensuring that UNICEF UK effectively identifies and mitigates risks, delivers a robust internal audit programme providing independent assurance on systems and controls, and contributes to corporate initiatives while mobilising Senior leadership and colleagues to drive continuous improvement and organisational value. This role will act as a trusted technical expert, influencing key decision-makers, including the Executive Team, Senior Leadership Group, and Board committees, in making effective risk management decisions.

What we will expect you to achieve

  • Collaborate closely with the Executive Team and Strategic Leadership Group to identify risks, develop mitigations and oversee robust escalation processes.

  • Lead the embedding of risk awareness into decision-making across all levels of the organisation.

  • Be responsible for ensuring the annual internal audit programme is fit for purpose— including undertaking audits, supported by external support as required.

  • The readiness of the Business Continuity plan, ensuring that critical systems and processes are periodically tested for crisis situations.

  • Ensure appropriate and adequate levels of insurance are in place across the organisation and are aligned to UNICEF UK’s risk profile and risk appetite.

Risk management

  • Ensure the use and application of the Risk Appetite Framework; ensuring accountability for risk is being managed at the right levels within the organisation, escalating any matters that may extend beyond our redline or where risk is not being owned or managed to the standard required in the framework.

  • Keep abreast of developments at UUK (internal scanning) and conduct horizon scanning to identify emerging external risks, assessing implications and ensuring risk controls and processes remain effective and appropriately adapted.

  • Ensure appropriate reporting and consultation with Executive Team to report key risks to the Audit and Risk Committee and Board.

  • Provide strategic leadership and expert guidance to risk owners, enabling the development of in-depth risk analyses and insights to inform Executive Committee and Audit & Risk Committee decision-making.

  • Lead the development, maintenance and delivery of internal risk appreciative training to ensure opportunities and risks are central to strategic decision making, and in-line with the Board’s risk appetite.

Internal Audit, Assurance, Insurance and Readiness

  • Strategically lead and shape the development and ongoing oversight of UNICEF UK’s enterprise assurance framework, ensuring that assurance activity across the organisation is adequate, coordinated, proportionate and affordable.

  • Ensure the internal audit programme is fit for purpose by managing the audit plan, delivery and reporting (with external support as needed), and overseeing the responsible teams timely action in resolving issues.

  • Manage and provide oversight of the organisation’s insurance programme, ensuring that arrangements are appropriate, proportionate and aligned to UNICEF UK’s risk profile and risk appetite.

  • Be available to conduct internal investigations when appropriate.

  • Be a key member of the Business Continuity Planning team, working with the core team to run simulation tests and audit key internal processes.

  •  Maintaining the readiness of the Business Continuity plan, ensuring that critical systems and processes are periodically tested for crisis situations.

Fraud

  • Lead on fraud response plan including leadership on ensuring organisational wide training on fraud awareness; ensuring compliance with relevant legislation and best practice.

  • Maintain and review the fraud risk register, relevant policies and procedures, including fraud prevention, whistleblowing and incident reporting.

  • Demonstrate and model a commitment to our shared values, behaviours and inclusive practices (known as Our Shared Commitment) in all aspects of your work.

BEHAVIOURS, EXPERIENCE AND SKILLS

This section contains the essential behaviours, experience, knowledge and skills needed in order to be effective and successful in this role.All criteria in this section are essential.

Effective Behaviours

Supporter driven and mission aligned

  • Is committed to children and their rights and motivated to work towards creating a better world for every child.

Creating and innovating

  • Establishes a vision and strategic view that creates scalable legal and governance strategies, underpinned by our mission and values.

  • Seeks opportunities to strengthen frameworks, processes and controls, driving efficiency and effectiveness across the organisation.

Integrity and Accountability

  • Upholds the highest standards of ethics, transparency and professional conduct, particularly when handling sensitive issues such as fraud and investigations.

  • Provides timely reporting and follow-through of actions.

Positive relationships

  • Provides confident, evidence-based challenge to stakeholders, while maintaining trusted and collaborative relationships.

  • Builds effective relationships across Executive Team, Strategic leadership Group and risk owners to embed a strong risk and assurance culture.

  • Upholds our values to treat all colleagues with proper respect when conducting internal audits and investigations.

Achieving change

  • Seeks opportunities to strengthen frameworks, processes and controls, driving efficiency and effectiveness across the organisation.

Communication

  • Communicates complex risk, audit and assurance issues succinctly to non-specialist audiences, including Audit & Risk Committee.

Equity, Diversity and Inclusion

  • Consistently models inclusive behaviours and supports equitable decision-making across all areas of work.

Experience

  • Significant experience in risk management and/or internal audit within a complex organisation (charity, public sector, or regulated environment desirable).

  • Proven track record of developing and embedding enterprise risk management frameworks, including strategic and operational risk registers.

  • Experience of designing and delivering internal audit programmes, including planning, execution, reporting and follow-up of actions.

  • Experience of engaging with senior stakeholders and governance bodies, including presenting to Boards or Audit & Risk Committees.

  • Demonstrable experience of providing independent assurance and constructive challenge on risk, controls and governance arrangements.

  • Experience of business continuity planning and crisis preparedness, including testing and assurance activities.

  • Experience of managing or overseeing fraud risk, investigations and incident response frameworks.

  • Experience of working with or managing external audit or assurance providers.

Knowledge & Skills

  • Professionally qualified in internal audit, accounting or a related discipline (e.g. CIA, CMIIA, ACA, ACCA, CIMA or equivalent.

  • Strong understanding of risk management frameworks and methodologies (e.g. ISO 31000 or equivalent).

  • Strong knowledge of internal audit standards and best practice (e.g. IIA standards).

  • Excellent analytical skills with the ability to interpret complex information and identify key risks, trends and insights.

  • Ability to develop and implement enterprise-wide assurance frameworks, integrating multiple sources of assurance.

  • Skilled in risk appetite articulation and application, supporting decision-making at strategic and operational levels.

  • Strong written and verbal communication skills, with the ability to produce clear, concise and Board-ready reports.

  • Ability to design and deliver training, building risk awareness and capability across the organisation.

  • Proficient in using data and systems to support risk monitoring, reporting and assurance activities.