Background and Rationale

African Parks (AP) is a conservation NGO that rehabilitates and manages protected areas under long-term mandates with host governments. AP operates more than 22 parks across more than 12 countries, with a workforce exceeding 5,000. The internal audit function, embedded in the Assurance, Risk & Compliance (ARC) department, underpins compliance, financial stewardship, and risk governance across this geographically dispersed and operationally complex portfolio.

To date, internal audits and follow-up processes have relied on manual and spreadsheet-based tools, which constrain real-time collaboration, analytical depth, and assurance maturity.  The organization is consequently elevating the lead internal audit role beyond audit execution. The post-holder is expected not only to lead and deliver internal operational audits, but also to actively develop the assurance function, drive the GRC platform implementation as the designated Super User, and build durable internal audit and risk-monitoring capability across the network. This is a senior, build-and-deliver mandate requiring professional audit credentials, technology fluency, and the judgment to operate credibly with park leadership, Heads of Department, the Board, and donor stakeholders.

2. Primary Purpose

To lead the planning, execution, and continuous improvement of African Parks’ internal audit and assurance activities; to mature the internal audit function from a compliance-checking exercise into a risk-driven assurance capability; and to serve as the operational lead and Super User for the new GRC platform, ensuring its successful configuration, data migration, integration, adoption, and embedding across the portfolio.

 3. Terms of Reference - Key Responsibilities

• Lead and personally conduct the annual cycle of Internal Operational Audits (IOA), targeting a minimum of 10–12 park audits per year, including incubation program audits, with physical presence and participation on each audit.
• Own the end-to-end audit lifecycle: risk-based audit planning, scoping, fieldwork, evidence capture, reporting, and quality review, ensuring accuracy, consistency, and fairness of judgment across all engagements.
• Provide comprehensive pre-audit briefings and structured post-audit debriefings to auditors and park teams, including finance-specific briefings for financial audits.
• Apply and enforce defined escalation rules — including mandatory re-audit of any park scoring below the agreed threshold and structured review of unresolved high-risk findings with the Head of ARC, COO, and CFO.

• Take ownership for maturing the internal audit methodology, moving from compliance verification toward integrated, risk-based assurance that incorporates each park’s operational, financial, and cultural context.
• Design, document, and continuously improve audit tools, checklists, scoring criteria, and reporting templates, integrating lessons learned and aligning with recognized governance frameworks
• Develop and maintain a consolidated, multi-year view of audit findings and systemic risk areas to inform management, the FRA Committee, and the Board.
• Contribute to the gradual extension of the function toward enterprise risk monitoring, in coordination with the Head of Risk & Assurance, including alignment of audit findings with the institutional risk register.

• Serve as the designated Super User and functional lead for the GRC / internal audit management platform throughout configuration, pilot, roll-out, and steady-state operation.
• Prepare all audit documentation, templates, question libraries, scoring logic, and multilingual workflows (English, French, Portuguese) required for the pilot and full deployment.
• Coordinate with the Technology team and the vendor on system configuration, role and access design, integration with AP systems (e.g., Sage/Serenic finance, Salesforce, EarthRanger, BI tools), and resolution of functional issues.
• Lead the migration of historical audit data (2024–2026) into the platform via bulk upload, validating completeness and integrity before each new audit round.
• Act as Trainer of Trainers: train, certify, and support internal auditors, administrators, and park-level users so they are competent and self-sufficient in the system across languages and locations.
• Establish governance for the platform: user account management, audit trail and metadata controls, document archiving standards, and periodic review of system usage and data quality.

 3.4 Analytics, Reporting, and Governance Inputs.

• Ensure full integration of IOA and Law Enforcement (LE) audit data and feedback loops into Power BI, with validated historical data and dashboards refreshed before each new round.
• Maintain the IOA–LE Audit Comparison Summary every month and ensure full traceability between audit findings and park-level corrective action (CAPA) follow-ups.
• Prepare high-quality, consolidated inputs for the FRA Committee and the AP Board at least two weeks before each session, including LE compliance updates, IOA and LE audit results and recommendations, GRM audit feedback, and incubation program audit feedback.

• Submit the annual feedback-loop calendar and conduct quarterly IOA/LE feedback loops, monitoring resolution of non-compliance and performing spot-checks on items reported as resolved by parks.
• Produce, within agreed deadlines after each loop, a consolidated per-park summary of high-risk non-compliances outstanding for more than three months.
• Conduct quarterly Grievance Redress Mechanism (GRM) compliance & quality control audits and HR compliance audits (induction and personnel-exit sample checks) within defined reporting timelines.
• Systematically collect park satisfaction surveys for every completed audit to support continuous improvement of the function.

• Support the Head of Risk & Assurance in the annual review and update of Standard Operating Procedures, ensuring audit checklists reflect current SOPs.
• Engage PMUs, Regional Operations Managers, Park Managers, and Heads of Department proactively and constructively, sustaining a positive, credible, and trusted audit culture.
• Mentor and develop auditors, reinforcing technical skills and embedding good practice across the portfolio.

 5. Key Relationships

• Internal: Head of Risk & Assurance (line manager); CFO and COO; Heads of Department; Regional Operations Managers; Regional Finance Managers, Exco members, Park Managers and PMUs; Technology, Business Intelligence and Law Enforcement teams.

• A relevant university degree in audit, accounting, finance, risk management, or a related field (postgraduate qualification advantageous).
• A recognized professional certification is strongly preferred — e.g. Certified Internal Auditor (CIA), Chartered Accountant (CA/ACCA), Certified Information Systems Auditor (CISA)

• Significant internal audit experience, including a demonstrable record of leading audit teams and engagements (ideally 7+ years, with several in a lead or supervisory capacity).
• Proven experience designing or maturing an internal audit/assurance function, not solely executing audits.
• Hands-on experience implementing or administering audit, GRC, or ERP/finance systems — ideally as a Super User, system administrator, or project lead — including data migration and user training.
• Experience working across multiple jurisdictions and in resource-constrained or remote operating environments; familiarity with the conservation, NGO, or international development sector is an advantage.

• Strong command of risk-based audit methodology, internal control frameworks, and corporate governance principles.
• Data and analytics fluency, including practical proficiency in Power BI and structured data handling; comfort configuring and operating digital audit platforms.
• Highly organized, systematic, and detail-oriented, with a practical and logical approach and strong quality and deadline focus.
• Demonstrated leadership, with excellent interpersonal and relationship-management skills and the ability to engage diverse, multicultural teams constructively.
• The judgment to “tell it like it is” factually and constructively — balancing candor with context-awareness and emotional intelligence to sustain trust across AP’s diverse cultural landscape.
• High standards of integrity, independence, and ethical conduct, consistent with the AP Code of Conduct.

• Full professional proficiency in written and spoken English and French is essential; Portuguese is a strong advantage given the portfolio.
• Willingness and ability to travel extensively throughout Africa and to attend the Head Office as required