Senior Manager SAP Governance, Risk and Controls
An opportunity exists for a Senior Manager: SAP Governance, Risk and Controls within the financial industry.
The role is permanent and based in Cape Town.
Key Performance Areas
Responsible for delivering the following services to SLS, as well as other Clusters the group that make use of SAP S/4 Hana and related finance systems:
The execution of shared financial transactions through the Finance Shared Services Centre
Drive operational excellence and efficiency through finance process and technology optimisation
Delivering an efficient financial control and compliance environment for SAP S/4 Hana and related finance systems
Delivering on the consolidated financial reporting requirements for SLS
Responsible for managing and delivering an efficient financial control and compliance environment for SAP S/4 HANA and related finance systems, with a focus on centralisation, standardisation, automation, and optimisation of financial control compliance processes.
Accountability for the development of the GRC strategy relating to the scope of SWIFT within SLS - i.e. financial controls for relevant systems and will be responsible to drive initiatives that are relevant to the achievement of this strategy in the function.
Acts as a second line of defence in support of Business Units’ own financial control and compliance environments.
Partner with Business Unit Heads to promote adherence to agree upon financial control compliance processes. This role will furthermore be responsible for the identification and reporting of non-compliance and recommendations on how this can be addressed.
GRC Strategy Development for SLS
Lead in the development of the GRC strategy for SLS to ensure greater compliance to required standards.
Drive various strategic initiatives ensuring greater compliance and awareness in support of realising the GRC strategy.
Financial Risk and Controls Support
Act as second line of defence in the design, implementation and management of control processes and documentation by:
Supporting management in the identification, design and implementation of financial risk and controls through normal business as usual (BAU) operations and transformation initiatives (change in people/process/technology).
Documenting identified financial risks and controls in a risk and control matrix.
Defining and maintaining standards used to document financial risks and controls.
Maintaining the SAP Access Control ruleset to reflect the key access controls identified by business.
Continue to identify, design and implement optimisation opportunities in the financial control and compliance environment through innovation and automation.
SAP GRC Process Owner
Own and manage the key SAP GRC processes for SAP Access Control and Process control through:
The access provisioning process
The security maintenance process
The regular review of access, remediation and mitigation process
The emergency access process
The control documentation and update process
The manual control execution process
The automated configurable control monitoring process
Reporting to management on the operation of these processes
Providing training to users on the GRC processes
SAP GRC Solution Owner
Management and delivery of controls through SAP Access Control and Process Control:
Ownership of technology roadmap to drive efficiencies in management and monitoring of controls
Maintenance of the SAP GRC master data
Liaise with the IT function for the maintenance and support of the SAP GRC solution
Operate as liaison between Business Unit management (first line of defence) and key stakeholders that include Internal Audit (3rd line of defence) and External Audit (4th line of defence).
Oversee a team responsible for administration and maintenance of the GRC tool
Guide and coach team members on GRC strategy requirements and related initiatives
Review output and correct team performance where necessary.
Bachelor’s degree in risk and compliance management, finance, audit or relevant field from a recognised institution
Certified Information Systems Auditor (CISA) or a Certified Internal Auditor (CIA) or Chartered Accountant (CA)
SAP certification is an added advantage
8 years of functional experience in Finance or Risk Management, 4 of which should be in management or similar experience in a comparable position
3 years comprehensive knowledge and experience of internal audit, risk assessments, related methodology and terminology
3 years in-depth knowledge of Risk and Compliance processes and controls
2 years basic understanding of Access Management for Non-SAP systems, SAP Access Control and Process Control
Functional knowledge and understanding of S/4HANA Security is an added advantage
Knowledge and Skills