Grc Senior Analyst - Cape Town, South Africa - Project Management Connection

Thabo Mthembu

Posted by:

Thabo Mthembu

beBee Recruiter


Description

What will you do?

  • The GRC Senior Analyst role will be responsible for supporting the Head of the Governance risk and controls centre of excellence (GRC CoE) in managing and delivering an efficient financial control and compliance environment for SAP S/4HANA and related finance systems, with a focus on centralisation, standardisation, automation, and optimisation of financial control compliance processes.
  • The GRC CoE acts as a second line of defence in support of Business Units' own financial control and compliance environments.
  • The incumbent will partner with the Head of GRC and Business Unit Heads to promote adherence to agree upon financial control compliance processes. This role will furthermore be to support for the identification and reporting of noncompliance and recommendations on how this can be addressed.

What will make you successful in this role?

The key performance areas of this role include the following:

  • GRC Strategy Development for the company.
  • Support the Head of GRC CoE in the development of the GRC strategy for SLS to ensure greater compliance to required standards.
  • Support various strategic initiatives ensuring greater compliance and awareness in support of realising the GRC strategy.

Financial Risk and Controls Support
Act as second line of defence in the design, implementation and management of control processes and documentation by:

  • Supporting management in the identification, design and implementation of financial risk and controls through normal business as usual (BAU) operations and transformation initiatives (change in people/process/technology).
  • Documenting identified financial risks and controls in a risk and control matrix.
  • Defining and maintaining standards used to document financial risks and controls.
  • Assist control owners and control performers in business and IT with walkthroughs of controls
  • Maintaining the SAP Access Control ruleset to reflect the key access controls identified by business.
  • Performing tests of effectiveness for key controls.
  • Creation of test plans for key controls.
  • Preparation of IFC monthly report which entails capturing all control deficiencies and remediation plans.
  • Distribution of report to governance stakeholders, being CFO's and heads of finance and IT executives.

Optimisation:


  • Continue to identify, design and implement optimisation opportunities in the financial control and compliance environment through innovation and automation.
  • Support SAP GRC Solution
  • Support the management and delivery of financial controls through SAP Access Control 12 and Process
  • Schedule SOD Review workflows to risk owners
  • Maintain User Access review process in SAP Access Control
  • Maintenance of Access Control custom ruleset at conceptual and permission/action level
  • Run and interpret Access Risk Analysis reports and provide assistance to identify remedial actions
  • Document and maintain the risks, controls and control owners in the repository (Process Control)
  • Defining and documenting manual control procedure steps
  • Regular review of access (UAR) and mitigations against the access risk ruleset (periodic) with root cause analysis
  • Following up on escalation workflows for configuration control changes
  • Creation/testing of new automated business rules and assignment to controls
  • Monitor dashboards by GRC CoE on PC and investigate control exceptions
  • Actively monitor control deficiencies and remediation plans providing assistance to control owners
  • Provide Internal Team Training
  • Provide training for control performer and control owners in SAP Process Control

Stakeholder Integration

  • Support the Head of GRC CoE to operate as liaison between Business Unit management (first line of defence) and key stakeholders that include Internal Audit (3rd line of defence) and External Audit (4th line of defence).

Qualification and Experience:


  • Bachelor's degree in risk and compliance management, finance, audit or relevant field from a recognised institution.
  • Professionally accredited from a recognised industry body as a Certified Information Systems Auditor (CISA) or a Certified Internal Auditor (CIA) or Chartered Accountant (CA) is an added advantage.
  • SAP certification is an added advantage.
  • 5 years of functional experience in Finance or Risk Management.
  • 5 years comprehensive experience of internal audit, risk assessments, related methodology and terminology.
  • 5 years indepth knowledge of Risk and Compliance processes and controls.
  • Functional experience in SAP Access Control, and SAP Process Control will be an added advantage
  • Audit or internal financial controls experience in SAP environment (S/4HANA) is an added advantage
  • Functional and basic technical understanding of SAP Fiori is an added advantage.
  • Functional and basic technical knowledge and understanding of S/4HANA Security is an added advantage.

Knowledge and Skills:


  • Must be tech savvy
  • Must have the ability t

More jobs from Project Management Connection