The Financial IT Compliance Specialist is responsible for providing assurance over applicable information technology controls and all compliance related activities, including SOX certification and compliance with relevant policies and procedures, and similar documentation across BU Southeast Asia.
User Access Management:
- Review access/change request form for completeness
- Review access request against the role matrix/library and ensure approvers are accurate based on the approval matrix
- Perform Segregation of Duties (SOD) checks ensuring access requested does not have conflict with existing access and manual job responsibilities.
- Review weekly movement report ensuring transfer employee's system access is up-to-date and terminated user's system access is revoked on time.
- Raise access termination requests
- Acquire access report from respective IT/Admin
- Check completeness of the report
- Prepare the user access recertification file and cascade to appropriate reviewers
- Main support of the review process including automated access review (NAGS)
- Perform immediate action based on the reviewer's feedback and concerns
- Ensure that user access recertification is completed on time
- Identification of mitigating control assignment request for users with valid SOD conflicts
- Review and validation of new SOD conflicts
- Document mitigating controls assignment
- Annual update of mitigating control library
Access Approver Management:
- Identification of appropriate access approvers (i.e. role owner, compliance manager)
- Main support of the review process including automated access review (NAGS)
- Perform immediate action based on the reviewer's feedback and concerns
- Ensure that user access recertification is completed on time
- Provide training and continuous support to business reviewers/approvers and related process owners through conduct of IT SOX and Global Access Management refresher trainings
- Main support for the UA SOD scope in CIA audits
- Responsible for SOX/Compliance mentorship deployment (ie DCM walkthroughs to Affiliates) and new projects (ie GRC implementation)
- Perform controls validation testing of all applicable IT controls as per guidelines from the SOX Program including UASOD, interface controls, configurable and application controls related to finance systems and processes.
- Assist on the due diligence project by performing key controls testing based on Global prescribed test scripts and attributes.
- Other matters that may be assigned.
Qualifications
- Must have 2 to 4 years work experience preferably graduate of BS accounting.
- Additional experience in IT audit is preferable.
- Proficient in MS tools
- With good oral and written communication skills
Primary Location
Philippines-National Capital-Manila- Organization
Johnson & Johnson International (Singapore) Pte. Ltd. - ROHQ
Job Function
Finance
Requisition ID
2005819507W