The role is to provide both the Business Units and IT Management with the assurance and visibility that IT Controls are executed in a controlled and managed way
In addition to the specific responsibilities detailed below, the successful candidate will be expected to demonstrate understanding in other areas of Risk & Control Management including strategies surrounding Process Engineering, Configuration Management, Change, Incident & Problem Management, Non-Conformities and Corrective Actions Management, Risk Identification and Control, Project Management and Tools and Methods
Responsibilities
Direct Responsibilities
Conduct periodic controls assessments across process areas in scope. Raise any non-compliance, and follow up of the corrective actions until closure.
Liaise with global and local IT control areas to ensure their certification is timely and appropriate.
Perform periodic Root Cause Analysis of process issues and non-compliances at Project and Application Domain level. Ensure that the exercise is planned, executed effectively and reported to appropriate level.
Participate in minimising production risks and issues, including but not exclusively, by helping to devise, and by implementing, sufficient regular controls.
Ensure appropriate escalation to management and/or Permanent Control (or Compliance as appropriate) as soon as an issue is identified.
The enforcement of Permanent Controls, providing ongoing risk & controls self-assessment status of the control environment.
Contribute all relevant management information (KPIs/KRIs) to the various scope reports/dashboards.
Assist with Historical Incident management process, including liaising with various stakeholders involved, root cause analysis and impact evaluation.
Contributing Responsibilities
Contribute to the upkeep and maintenance of the ISPL Permanent Control Framework
Maintaining relevant Operational Permanent Control (OPC IT) processes and procedures
Technical & Behavioral Competencies
Good knowledge of IT Risk & Audit domain with focus on Internal and/or External Audits.
Good understanding of IT Controls Framework and experience executing controls.
Understanding of IT Service Management domain is a value add.
Strong analysis & problem solving skills
Structured and methodical mindset
Proactive approach with a strong ability to work on own initiative
Ownership of work and commitment to delivery
Can do attitude
Team oriented (both local and global)
Good interpersonal skills
Strong influencing skills
Big picture awareness - make relationships between tactical issues and strategic options
Client focused
Pragmatic and creative approach
Specific Qualifications (if required)
None
Skills Referential
Behavioural Skills :
Attention to detail / rigor
Communication skills - oral & written
Personal Impact / Ability to influence
Critical thinking
Transversal Skills:
Analytical Ability
Ability to manage / facilitate a meeting, seminar, committee, training