Quality Risk & Compliance Manager

Greater London  ‐ Onsite
This project has been archived and is not accepting more applications.

Description

Quality Risk & Compliance Manager
3 Month contract
Brentford
£500pd UMB


Reporting to the Tech Governance, Risk and Compliance Chief of Staff (working across SAP Single instance, CERPS and M-ERP), the role ensures that high standards of internal control are maintained and that Policies and Procedures are adhered to in the Security and Authorisations, Business Roles and Segregation of Duties areas.
Accountable for ensuring various compliance requirements are satisfactorily met in the following areas:

Access Controls
  • Business Role Design/Change and Build - work with the relevant solution, design and security teams to ensure that business roles are designed and built with appropriate access controls (restrictions) in place to meet operational, confidential data/PI/SPI requirements.
  • Review of Business Roles System Requirement (SR) documents to ensure that appropriate access controls and confidential data requirements are documented and fit for purpose.
  • Business Roles Testing (for generic access controls) - liaise with relevant teams to determine and agree testing scope. Review of test cases and test results to demonstrate that access controls have been implemented effectively as per design. Work with relevant teams to ensure that any required remediation activities are performed.
  • Jobs Testing (for market-specific access controls) - liaise with relevant teams to determine and agree testing scope. Review of test cases and test results to demonstrate that access controls have been implemented effectively as per design. Work with relevant teams to ensure that any required remediation activities are performed.

Segregation of Duties (SoD)
  • Business Role Design and Build - work with the relevant solution, design and security teams to ensure that business roles are designed and built with appropriate segregations of duties in place.
  • In conjunction with Security and Authorisations (S&A), ensure that new processes introduced to CERPS are included in the GRC landscape and rulesets for both SoD and Critical Transactions.
  • Review and management of any required changes and enhancements to the GRC global ruleset.
  • Ensure that the SoD ruleset is aligned and mapped to the ERP Internal Controls Framework, for access controls.
  • Manage and coordinate SoD Testing of business roles and jobs. Report results to key stakeholders, and coordinate and drive any remediation activities to completion.
  • Manage the SoD Testing of Job to User Mapping, ensuring that prior to deployment of any given release, the user SoD position is acceptable, and that all accepted SoD violations have been agreed with relevant stakeholders, such as Market FDs.
  • Ensure that any approved SoD violations have been pre-mitigated prior to Go Live user provisioning.
  • Manage the remediation of unacceptable user SoD violations during Go-Live.
  • Manage and coordinate training for Market Compliance Teams, pre go-live of a release. Training to cover the SoD activities required to be performed by Market Compliance teams in the BAU environment, such as SoD monthly reporting and the approval/rejection of user access requests with SoD violations. Training to also cover the running of monthly mitigating controls (for users with SoD violations).

Outcomes
  • Risk to the business is controlled and mitigated through the effective management and implementation of Segregation of Duties principles and existing ruleset - encompassing system role design/build AND end user system access.
  • Compliance with confidential data/PI/SPI policies is adhered to via the effective management and implementation of appropriate data access restrictions in system role design/build and end user system access.

Skills/Experience required:
  • Minimum bachelor degree education in related discipline or equivalent experience
  • Knowledge of SAP Security concepts related to Role Design and Build, and User Provisioning
  • Experience with segregation of duties risk analysis and access control design
  • SAP GRC

Understanding of the following business processes:
  • Order to Cash
  • Purchase to Payables
  • Record to Report (Financials)
  • Warehouse & Distribution
  • Supply Chain Planning

  • Strong Finance background with commercial experience
  • 5+ years Post qualified Accounting Experience
  • SAP IDM

SAP functional experience in any of the below areas:
  • FI-CO
  • SD
  • MM

Start date: ASAP
Duration: 3 months
From: Elevate Direct
Published at: 20.05.2022
Project ID: 2389939
Contract type: Freelance