Business Systems Control Manager

Business Systems Control Manager

MISSION STATEMENT

The Business Systems Control Manager is responsible to ensure the integrity, reliability, and security of business systems and processes within the Risk & Internal Control Department (R&IC) by developing, implementing, and maintaining robust internal control framework and fostering a culture of compliance that ensures compliance with relevant policies, and procedures, while also mitigating associated risks.

This position demands a keen focus on:

• Set up and conduct central testing on UAM (User Access Management) and ITDs (key reports, interfaces, automated controls) in coordination with external auditors,

• Drive harmonization and centralization of IT Application Controls (ITAC) based on IT Core Model solutions (SAP iShift, Blackline, Leo, HighRadius, Workday, Payroll Core Models, …),

• By gaining understanding on both IT and process controls, support R&IC department in identification of IT Dependent controls and report accurate and complete inventories,

• Work in coordination with Digital and support the Head of Internal Control – CHC Global Support Functions in reinforcing reliance on automated controls, Key reports and SOD and in identifying action plans when deficiencies are identified by Internal Audit, external auditors or R&IC,

• Develop a data-driven approach, leveraging company’s data models, to detect risks to better and timely address detective controls,

• Leads the implementation of the CHC SOD roadmap, the initiatives to improve the CHC SOD matrix.

DUTIES AND RESPONSIBILITIES:

MANAGE CONTROL ENVIRONMENT

• Define methodology for IT Dependant controls evaluation, aligned with the Audit standards and Auditors requirements
• Manage process and control framework for Segregation of Duties and UAM processes and controls
• Manage R&IC supporting documents and tools related to IT dependent controls and UAM

ALIGN STAKEHOLDER GROUPS  

• Performs transversal management with functions representatives
• Coordinates regularly with Internal Audit and external auditors

MANAGE CONTROL ACTIVITIES (CSA, IC Testing)

• Manage control self-assessments where required for the controls under the scope (UAM/SOD)
• Manage Internal Control Testing for controls in scope
• Monitor action plans for deficiencies from the control in scope
• Manage System accesses controls in collaboration with process owners, and Ensure Segregation of duties controls are in place

PARTNER WITH THE BUSINESS

• Identify and Monitor risks related to Segregation of Duties, accesses to systems and automated controls
• Build awareness and positive culture towards all stakeholders from 1st to 3rd line of defense
• Support all embedded controls in systems by design by being included in the Business Digital projects, and more specifically on all Company Core Model Digital projects (SAP iShift, Digital Close, CI2C, etc.)

DRIVE CONTINUOUS IMPROVEMENT 

• Develop and set up the Continuous Control Monitoring framework for the UAM process and controls and the design of automated controls to support the CCM Program

REQUIREMENTS

PROFESSIONAL EXPERIENCE

• 7+ years of relevant experiences in external and/or internal audit or other internal control related functions.
• Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or similar are desirable.

MAJOR SKILLS AND COMPETENCES

• Knowledge of Financial Systems (incl. SAP, Blackline, etc.)
• Proven analytical skills paired with broad level of understanding of Financial and non-Financial processes.
• Strong inter-cultural skills and eagerness to work in a very international setting.
• Strong analytical and problem-solving skills, with the ability to identify improvement opportunities and develop solutions.
• Excellent organizational and analytical skills as well as communication skills to build commitment create adherence and report to management.
• Fluency in written and spoken English.

Better is out there. Better medications, better outcomes, better science. But progress doesn’t happen without people – people from different backgrounds, in different locations, doing different roles, all united by one thing: a desire to make miracles happen. So, let’s be those people.

At Sanofi, we provide equal opportunities to all regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, ability or gender identity.

Watch our ALL IN video and check out our Diversity Equity and Inclusion actions at sanofi.com!