Home / Jobs / Senior CQHS Internal Auditor
Senior (5-8 years)

Senior CQHS Internal Auditor

This isn't just about ticking boxes; it's about making sure our operations are safe, compliant, and top-notch. You'll be the person who digs into our processes, makes sure we're doing what we say we're doing, and helps us get better. Honestly, you're a bit of a detective, safeguarding the company from risks related to quality, health, safety, and environmental regulations. It’s a vital role, even if it's not always the most glamorous.

Job ID
JD-INCO-SRCQHS-003
Department
Compliance Quality Health Safety
NOS Level
OFQUAL Level
Level 6-7
Experience
Senior (5-8 years)

Role Purpose & Context

Role Summary

As a Senior CQHS Internal Auditor, you'll be leading our audit engagements from start to finish. This means you'll plan the audit, manage the day-to-day work, supervise our junior team members, and then draft the final report. You're not just executing; you're orchestrating. You'll be the one making sure we're focusing on the right risks, especially when it comes to quality, health, safety, and environmental compliance across our operations. Your work directly impacts our ability to avoid hefty fines, prevent accidents, and maintain our reputation for quality. When you do this well, our control environment gets stronger, and our business leaders can sleep a bit easier knowing risks are being managed. If it's not done well, we could face regulatory breaches, operational disruptions, or even serious safety incidents. The tricky part is often getting busy operational teams to see the value in what we do and to provide the information we need, sometimes under tight deadlines. The reward? Knowing you've genuinely helped protect our colleagues, our customers, and the company's future.

Reporting Structure

Key Stakeholders

Internal:

External:

Organisational Impact

Scope: You're directly responsible for ensuring the effectiveness of controls that protect our organisation from significant compliance breaches, quality failures, and health & safety incidents. Your findings and recommendations help shape operational improvements and reduce our overall risk exposure, which, frankly, saves us money and keeps people safe.

Performance Metrics

Quantitative Metrics

  1. Metric: Audit Project Delivery within Budget
  2. Desc: The percentage of audits you lead that are completed within the allocated budget (both time and resources).
  3. Target: 90% of audits within ±10% of budgeted hours
  4. Freq: Per audit engagement, reviewed quarterly
  5. Example: If an audit was budgeted for 120 hours and you complete it in 115 hours, that's a win. If it takes 150 hours due to unforeseen issues, we'll need a clear explanation, but it still counts towards the metric.
  6. Metric: Finding Acceptance Rate
  7. Desc: The percentage of your draft audit findings that management accepts without significant changes to the condition, cause, or consequence.
  8. Target: 80% acceptance rate
  9. Freq: Per audit report, reviewed quarterly
  10. Example: You present 10 findings in a draft report. If 8 are accepted as-is and 2 require minor wording tweaks (not changing the core issue), that's 80% acceptance. If management disputes the core issue on 3, you're below target.
  11. Metric: Remediation Plan Progress Tracking
  12. Desc: The effectiveness of your follow-up on management's agreed-upon remediation plans for your audit findings.
  13. Target: 90% of high-risk remediation plans tracked to closure by due date
  14. Freq: Ongoing, reviewed monthly
  15. Example: You've identified a critical safety control gap. Management agrees to fix it by 30 June. You'll need to chase them, get evidence, and confirm it's fixed by that date. If it slips, we need to know why and what the new plan is.
  16. Metric: Junior Auditor Mentorship & Development
  17. Desc: The successful onboarding and development of junior auditors or associates working on your engagements.
  18. Target: Successfully mentor 1-2 junior auditors per year, evidenced by their improved work quality and positive feedback.
  19. Freq: Annually, through performance reviews and 360-degree feedback
  20. Example: You guide a new associate through their first PBC list and walkthrough. By the end of the audit, they're independently drafting basic test steps and can explain their work. That's a clear sign of good mentorship.

Qualitative Metrics

  1. Metric: Stakeholder Engagement & Collaboration
  2. Desc: How well you build rapport and work with auditees, even when delivering tough news. It's about being seen as a partner, not just the 'internal police'.
  3. Evidence: Auditees proactively reach out for advice; positive feedback in post-audit surveys (yes, we do those); willingness of business units to share information openly; you're invited to pre-audit discussions, not just dropped in.
  4. Metric: Clarity and Impact of Communication
  5. Desc: Your ability to explain complex audit findings and their implications clearly, concisely, and in a way that resonates with different audiences (from the shop floor to senior management).
  6. Evidence: Audit reports are easy to read and understand; management 'gets it' quickly during closing meetings; you can simplify technical jargon into plain English; your recommendations are practical and actionable, not just academic.
  7. Metric: Proactive Risk Identification
  8. Desc: Your knack for spotting potential risks or control weaknesses that weren't explicitly on the audit plan, but are critical to the business.
  9. Evidence: You bring new, relevant risks to the attention of the Lead Auditor or management during an engagement; you suggest adjustments to the audit scope based on new information; you're thinking beyond the immediate task.
  10. Metric: Professional Judgement & Skepticism
  11. Desc: Your ability to apply sound judgement in complex situations, challenge assumptions respectfully, and maintain a healthy level of professional skepticism throughout the audit process.
  12. Evidence: You push back appropriately when evidence doesn't stack up; you can justify your conclusions with solid reasoning; you don't take things at face value, especially when the stakes are high; you identify and flag potential conflicts of interest.

Primary Traits

Supporting Traits

Primary Motivators

  1. Motivator: Making a Tangible Difference
  2. Daily: You'll feel a real sense of accomplishment when your audit findings lead to a genuine improvement in safety procedures or a critical compliance gap being closed. You want your work to actually matter, not just sit on a shelf.
  3. Motivator: Solving Complex Puzzles
  4. Daily: You love the challenge of piecing together disparate pieces of evidence, interviewing different people, and digging through data to uncover the root cause of an issue. It's like being a detective every day.
  5. Motivator: Ensuring Fairness and Integrity
  6. Daily: You're driven by the desire to ensure processes are followed fairly, rules are adhered to, and that the company operates with the highest level of integrity. You're a guardian of good governance.

Potential Demotivators

Honestly, this role isn't for everyone. You'll often find yourself chasing people for information, and sometimes they'll 'slow-walk' you, waiting until the last minute to provide what you need, which can really compress your testing timeline. You might also present a clear, high-risk finding, only to face pressure from senior management to downgrade it to 'medium' before it ever gets to the Audit Committee. That can be incredibly frustrating if you're passionate about the truth.

Common Frustrations

  1. The 'Internal Police' Stigma: Constantly fighting the perception that you're there to get people in trouble, rather than to improve the process and protect the company.
  2. Repeat Findings: Presenting the same finding you wrote last year because management agreed to a remediation plan but never actually implemented it.
  3. Documentation vs. Reality: Spending days auditing a process based on the official procedure, only to discover in a walkthrough that 'nobody actually does it that way' on the shop floor.
  4. Scope Creep: An audit of a simple process uncovers a major, unexpected issue, and suddenly your two-week engagement balloons into a two-month investigation that you're not staffed for.
  5. The 'Value-Add' Pressure: The constant expectation to provide 'value-add' business insights on top of the core assurance work, often with no extra time or resources, which can feel like an impossible ask.

What Role Doesn't Offer

  1. A quiet, predictable routine with no surprises. Auditing is inherently about finding the unexpected.
  2. Immediate, universal popularity. You're often asking tough questions, which isn't always a recipe for being everyone's favourite person.
  3. A direct path to operational leadership. While you'll learn a lot about operations, this role is about assurance, not running the business day-to-day.

ADHD Positives

  1. The varied nature of audit engagements (different processes, different teams, different risks) can be really engaging and prevent boredom.
  2. The need for intense focus during fieldwork and detailed analysis can be a strength, allowing for deep dives into specific issues.
  3. The problem-solving aspect, especially uncovering root causes, can be highly stimulating and rewarding.

ADHD Challenges and Accommodations

  1. Managing multiple audit projects and deadlines simultaneously can be challenging; we use structured project management tools and offer regular check-ins to help keep you on track.
  2. Detailed documentation requirements can feel tedious; we use templates and offer tools to streamline this, and you can pair with juniors for support.
  3. Long meetings can be difficult; we encourage breaks, active participation, and providing agendas in advance so you know what to expect.

Dyslexia Positives

  1. Strong verbal communication skills, especially during walkthroughs and interviews, are highly valued.
  2. Excellent spatial reasoning and 'big picture' thinking can help identify systemic issues that others might miss.
  3. The ability to connect seemingly unrelated pieces of information is a real asset in root cause analysis.

Dyslexia Challenges and Accommodations

  1. Extensive report writing and review notes can be demanding; we offer proofreading support, use structured templates, and encourage dictation software.
  2. Reading dense regulatory documents can be tough; we use summarisation tools (like AI, more on that below) and provide verbal briefings.
  3. Detailed workpaper documentation requires precision; we use clear templates, offer spell-check and grammar tools, and allow for peer review.

Autism Positives

  1. A strong adherence to processes, rules, and regulations is a significant advantage in compliance auditing.
  2. Exceptional attention to detail, especially in identifying inconsistencies or anomalies in data and documentation, is crucial.
  3. The ability to maintain professional skepticism and focus on objective evidence, rather than social dynamics, is highly valued.

Autism Challenges and Accommodations

  1. Navigating complex social dynamics during interviews or negotiations with auditees can be challenging; we offer coaching, clear communication guidelines, and opportunities for written communication where appropriate.
  2. Unexpected changes in audit scope or timelines can be disruptive; we aim for clear planning and provide as much advance notice as possible for changes.
  3. Sensory overload in busy office environments; we offer noise-cancelling headphones, flexible working arrangements, and quiet spaces for focused work.

Sensory Considerations

Our main office environment is a typical open-plan space, so expect some background noise and general office chatter. However, we also have dedicated quiet zones and meeting rooms for focused work or calls. During fieldwork, you might be in various operational settings – from quiet offices to factory floors with machinery noise – so adaptability is key, and we provide appropriate PPE where needed.

Flexibility Notes

We offer hybrid working, usually 2-3 days in the office, with flexibility depending on audit fieldwork requirements. We're open to discussing specific arrangements to help you thrive.

Key Responsibilities

Experience Levels Responsibilities

  1. Level: Senior CQHS Internal Auditor (OFQUAL Level 6-7)
  2. Responsibilities: Lead individual audit engagements end-to-end, from planning and risk assessment through to reporting and follow-up. This means you're the main point of contact for the auditee during the engagement.
  3. Develop comprehensive audit programmes and detailed test plans for each engagement, making sure we're covering the highest risks and meeting our objectives. You'll need to think critically about what to test and how.
  4. Supervise and mentor 1-2 junior auditors or associates during fieldwork. You'll review their work, provide constructive feedback, and help them develop their skills. Think of yourself as their guide on the audit journey.
  5. Execute complex audit testing procedures yourself, especially for higher-risk or more nuanced areas. This isn't just delegating; you'll still be getting your hands dirty with the data and evidence.
  6. Conduct in-depth process walkthroughs with business owners, mapping out how things actually work and identifying key control points and potential weaknesses. You'll be asking a lot of 'how' and 'why' questions.
  7. Draft clear, concise, and commercially relevant audit findings using the '5 C's' (Criteria, Condition, Cause, Consequence, Corrective Action). You'll then validate these findings with management to ensure factual accuracy and buy-in.
  8. Present your audit findings and recommendations to business unit management during closing meetings. This often involves some polite negotiation and a good dose of diplomatic tenacity to ensure the message lands correctly.
  9. Track and follow up on the implementation of agreed-upon remediation plans, making sure that management actually fixes the issues you've identified. This can involve a fair bit of chasing, honestly.
  10. Supervision: You'll have bi-weekly check-ins with your Lead CQHS Auditor for strategic alignment and to discuss any complex issues. For the day-to-day execution of your audits, you're largely autonomous, but you'll know when to flag something that needs a second opinion.
  11. Decision: You have full technical decision-making authority within the scope of your assigned audit engagements (e.g., selecting specific testing methodologies, determining sample sizes, drafting finding severity). You'll recommend changes to audit scope or budget if significant issues arise, but these need approval from your Lead Auditor. For anything above a £5K impact, you'll consult your Lead. You're responsible for the quality of your workpapers and the findings you report.
  12. Success: Success here means delivering high-quality audit reports on time and within budget, with findings that are accepted by management and lead to real improvements. It also means effectively developing the junior team members working with you, helping them grow into confident auditors.

Decision-Making Authority

Supercharge Your Audits: Save 10-15 Hours Weekly with AI!

Let's be real, auditing involves a lot of repetitive tasks and wading through mountains of information. But what if you could cut down on that busy work and focus on the really interesting, high-impact stuff? That's where AI comes in. We're not talking about replacing you; we're talking about giving you a superpower.

ID:

Tool: Automated Control Testing

Benefit: Use AI scripts to perform 100% population testing on routine digital controls. For example, verifying that every employee in a high-risk role has completed mandatory safety training in the LMS by the deadline. No more manual sampling, just straight-up verification.

ID:

Tool: Anomaly Detection in Incident Reports

Benefit: Apply Natural Language Processing (NLP) to analyse thousands of unstructured text-based incident reports. This helps identify emerging risk trends, clusters of near-misses in specific locations, or unusual patterns that standard keyword searches would totally miss. It's like having a super-fast, tireless detective.

ID:

Tool: Regulatory Change Summarisation

Benefit: Feed new, lengthy regulations from OSHA, EPA, or the HSE into an LLM to generate a concise summary of key changes, obligations, and potential impacts on our existing control framework. This saves you hours of sifting through legal jargon, getting you straight to what matters.

ID: ✍️

Tool: First-Draft Finding Generation

Benefit: Input the key elements of a control failure (criteria, condition, evidence) into a trained AI model to generate a well-structured, professionally worded first draft of an audit finding for your report. This ensures consistency in tone and format, cutting down on wordsmithing time.

Expect to save 10-15 hours weekly on repetitive tasks, freeing you up for more strategic analysis and stakeholder engagement. Weekly time savings potential
We'll explore 2-3 core AI tools that integrate seamlessly into your workflow, typically costing around £20-£50/month. Typical tool investment
Explore AI Productivity for Senior CQHS Internal Auditor →

12-15 specific tools & techniques with implementation guides

Competency Requirements

Foundation Skills (Transferable)

These are the bedrock skills that every Senior Auditor needs, regardless of the specific audit area. They're about how you think, how you communicate, and how you get things done effectively.

Functional Skills (Role-Specific Technical)

These are the specific methodologies, technical abilities, and industry knowledge you'll need to excel in a CQHS internal audit role at a senior level. It's about knowing the 'how' and the 'what' of our specific domain.

Technical Competencies

Digital Tools

Industry Knowledge

Regulatory Compliance Regulations

Essential Prerequisites

Career Pathway Context

We're looking for someone who isn't just good at following a checklist, but who can actually design the checklist, lead the team using it, and then explain what it all means. You'll have built up your audit muscles and are ready to take on more responsibility and autonomy.

Qualifications & Credentials

Emerging Foundation Skills

Advancing Technical Skills

Future Skills Closing Note

The goal here isn't to become a deep technical expert in every new technology, but to understand its implications for audit and risk. Your value will increasingly come from your ability to audit these new environments and guide the business through their complexities, not just from traditional process auditing.

Education Requirements

Experience Requirements

You'll need at least 5-8 years of progressive experience in internal audit, external audit (with a focus on operational or compliance audits), or a dedicated Compliance, Quality, Health & Safety role. This should include demonstrable experience leading audit engagements or significant workstreams, managing junior team members, and drafting comprehensive audit reports. We're looking for someone who's been in the trenches and knows how to run an audit from start to finish.

Preferred Certifications

Recommended Activities

Career Progression Pathways

Entry Paths to This Role

Career Progression From This Role

Long Term Vision Potential Roles

Sector Mobility

The skills you'll pick up here – risk assessment, control evaluation, process analysis, and stakeholder management – are highly transferable. You could move into broader risk management, operational excellence, or even consulting roles in other industries that value strong governance and control.

How Zavmo Delivers This Role's Development

DISCOVER Phase: Skills Gap Analysis

Zavmo maps your current competencies against all requirements in this job description through conversational assessment. We evaluate your foundation skills (communication, strategic thinking), functional skills (CRM expertise, negotiation), and readiness for career progression.

Output: Personalised skills gap heat map showing strengths and priorities, estimated time to competency, neurodiversity accommodations.

DISCUSS Phase: Personalised Learning Pathway

Based on your DISCOVER results, Zavmo creates a personalised learning plan prioritised by impact: foundation skills first, then functional skills. We adapt to your learning style, pace, and neurodiversity needs (ADHD, dyslexia, autism).

Output: Week-by-week schedule, each module linked to specific job responsibilities, checkpoints and milestones.

DELIVER Phase: Conversational Learning

Learn through conversation, not boring modules. Zavmo uses 10 conversation types (Socratic dialogue, role-play, coaching, case studies) to build competence. Practice difficult QBR presentations, negotiate tough renewals, and handle churn conversations in a safe AI environment before facing real clients.

Example: "For 'Stakeholder Mapping', Zavmo will guide you through analysing a complex enterprise account, identifying key decision-makers, and building an engagement strategy."

DEMONSTRATE Phase: Competency Assessment

Zavmo automatically builds your evidence portfolio as you learn. Every conversation, practice scenario, and application example is captured and mapped to NOS performance criteria. When ready, your portfolio supports OFQUAL qualification claims and demonstrates competence to employers.

Output: Competency matrix, evidence portfolio (downloadable), qualification readiness, career progression score.

Discover Your Skills Gap Explore Learning Paths