- Set up and conduct SOX central testing on UAM (User Access Management) and ITDs (key reports, interfaces, automated controls) in coordination with external auditors and SOX entities. Drive harmonization and centralization of IT Application Controls (ITAC) based on IT Core Model solutions. By gaining understanding on both IT and process controls, support Internal Control Centers of Expertise in identification of IT Dependent controls and report accurate and complete inventories. Works in coordination with Digital and supports Internal Control Centers of Expertise in reinforcing reliance on automated controls, Key reports, and SOD and in identifying action plans when deficiencies are identified by Group Internal Audit, external auditors, or IC&P.
MANAGE CONTROL ENVIRONMENT : Maintain yearly Global ITDs Inventory with other CoE s inputs for their respective region, Support Digital for IT General Controls scoping, manage process and control framework for Segregation of Duties and UAM processes and controls, Manage IC&P supporting documents and tools related to IT dependent controls and UAM.
ALIGN STAKEHOLDER GROUPS : Work with External Auditors in the region to align ITD methodology and scope with Central, Reconciliation of testing results with ext. auditors in the region, Coordinates regularly with Sanofi Internal Audit and external auditors in the region.
MANAGE CONTROL ACTIVITIES (CSA, IC Testing, SOX testing) : Support countries in the region in identification of ITDs during SOX Design phase, Manage CSA for non-SOX (but SIC) scope of IT systems related risks and controls when applicable to the region scope, Execute ITDs testing for ITDs in scope for the region, Execute SOX testing for regional and local UAM controls, Monitor Action Plans related to Business System controls in scope, Perform local SOD control (until automated).
PARTNER WITH THE BUSINESS : Identify and Monitor risks related to Segregation of Duties, accesses to systems and automated controls, build awareness on ITDs/IT Application Controls and SOD and positive culture towards all stakeholders from 1st to 3rd line of defence, DRIVE CONTINUOUS IMPROVEMENT, Support the harmonization and centralization of ITDs - Usage of IT dependencies in controls, Continuously support improvement IT auditing methodology in line with regulation changes, new requirements or new technologies, Report any local/regional regulatory requirements to central management.
Experience: Experience in IT Audit in auditing firm or private companies in SOX IT General Controls or IT System Controls audit, Knowledge/Awareness, or experience in Accounting / Financial reporting.
Soft skills & Technical skills: Knowledge of SOX, IT applications, Internal Control & Processes, develop problem solving skills, Knowledge of Financial Systems, Managing & Influencing key stakeholders, enhancing thoughtful risk-taking culture, building finance acumen, developing critical & analytical thinking, developing leadership effectiveness, developing assertive communication, establishing, and improving team communications.
Education: Graduated College level in Audit, IT Audit or similar, Engineering degree in Computer Sciences.
Languages : Must be fluent (written/spoken) in English.
