This individual will interact and engage with IT, business units and corporate functions to ensure adequate risk management is in place in order to support the company’s control environment and 404 SOX program.
Evaluate and assess company risks and controls using a standards-based integrated control framework model to assure: 1) the reliability of financial reporting, 2) compliance with laws and regulations, 3) the effectiveness and efficiency of operations, and 4) the safeguarding of company assets.
Provide guidance to address internal control gaps, including validation of corrective actions.
Participate in and/or conduct risk assessment sessions. Identify and address business risk exposures and serve as a consultant to the business and IT staff on these matters.
Perform Segregation of Duties (SOD) analysis on SAP IT roles and end users.
Maintain SOD and Privileged Access (PA) functions and risks in GRC Risk Analysis and Remediation (RAR).
Liaise with internal and external auditors and provide guidance for yearly audits.
Participate in IT SOX projects to ensure controls are in place and adequately address any risk related to financial reporting.
Assist in the identification of control activities for IT process flows.
• Bachelor's degree required. Information Technology, Business Administration or related field preferred.
• A minimum of five years of experience and demonstrated knowledge in the domains of IT Audit and Controls, Governance, Risk, and/or Compliance related to information risk or IT controls.
• Minimum two years working with SAP security and/or basis.
• Familiar with industry standards and controls (ISO 17799, 27001, COBIT, Sarbanes-Oxley, ITIL, etc.).
• CISA, CISM, CIA or CISSP certification.
Rockwell Automation - 20 months ago
Rockwell Automation, the world's largest company dedicated to industrial automation, makes its customers more productive and the world more...