Manager, IT Risk & Controls Management

Job Description :

Diageo’s Global Business Operations (GBO) aims to leverage the Finance Operating Model by supporting standard processes and systems with effective and efficient shared services across Diageo, by internal services, through Business Operations centres across Diageo (main sites are Bangalore and Budapest). GBO has an employee base of approx. 2500 FTEs providing business support for migrated markets across Diageo. GBO plays a central role in governance and compliance for Diageo and has been charged by the CFO to be Diageo’s control exemplar accountable for the execution of controls in shared services including SOX/CARM compliance.

This role is required to plan and execute testing for IT Application controls as part of the risk, control (including control transformation) and compliance agenda for the function.

The Manager IT Controls – this role will be a key member of the Continuous Controls Monitoring team to drive the following agenda

• Identify weaknesses and provide effective recommendations to enhance all different IT systems application controls while reviewing the adequacy and effectiveness of current controls, as well as the reliability and integrity of systems

• Drive and own implementation of ITACs and manual controls analytics in tools like SAP - GRC, Celonis, Alteryx, etc.

• Ensure compliance with policies, plans, procedures and regulations, and safeguard the Group assets.

• Liaise with the governance teams and service delivery teams to assess the level of risk and effectiveness of the underlying controls in all GBO Experience areas.

• Improve the control environment through various initiatives taken and drive accountability.

• Support GBO projects and undertakings to identify control implications and challenge the outcome in light to improve the process and control environment.

• Liaise with assurance teams to monitor progress and support smooth execution of the annual CARM cycle for IT Application controls.

• Liaise with other functions & markets to obtain best practices.

• Contribute to the development and continuous improvement of internal control frameworks, policies, and procedures.

Functional Responsibilities:

Managing Risks

Actively search for risks using internal and external data sources, monitor predictive indicators within and outside of own function. Monitor and ensure mitigation plans are deployed. Use judgement and intervene to ensure course correction. Spot interdependencies and concentration of risks.

IT Application Controls

Recognize opportunities to design and implement IT control processes into new systems or work processes. Provide guidance and interpret key control documents and deliver independent and unbiased advice. Take the lead in forming solid local control environments, ensuring that robust processes are in place to capture, report on & resolve weaknesses.

Systems, automation, processes

Has a strong understanding of systems and processes in which the controls are operated in. Able to spot high risk areas, manual controls, process and system gaps potentially resulting in controls deficiencies. Ability to work with data led audit technologies, data lakes. Ability to spot process engineering opportunities to drive simplified, user friendly solutions in the control framework.

Analytical thinking

Analyse available information and trends and act accordingly. Ability to analyse measures, identify issues and detect interdependencies with other sub-functional areas. Make suggestions on actions to improve performance.

This role is required to collaborate closely with stakeholders at various seniority levels across GBO’s organisation, and key assurance functions (CARE team, External Auditor, Business Integrity etc.).  

What you’ll bring

• A post graduate degree in Information Technology, Information systems, or Chartered Accountant with minimum 7-10 years of experience in related field

• Certifications such as CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), or CRISC (Certified in Risk and Information Systems Control)

• Working knowledge of SAP tables, configurations, process knowledge and testing of IT application controls

• Analytical knowledge (proficiency of analytics tools such as Power BI, Alteryx, SAP GRC etc is preferable).

• Strong written and verbal communication skills

• Strong problem solving, reporting and analytical skills.

• Ability to analyse/ identify risks and opportunities and recommend appropriate actions.

• Influencing and consulting skills, the ability to build relationships with stakeholders at all levels.

• Ability to think critically and analytically and use data driven insights to solve problems.

• Knowledge of Operational and Compliance Risk frameworks

• Business commercial aptitude & knowledge

• Controls design/process audit experience is preferable

Worker Type :

Regular

Primary Location:

Bangalore Karle Town SEZ

Additional Locations :

Budapest, Gurugram

Job Posting Start Date :

2024-10-17