Key Responsibilities : 2.1. SOX Compliance & Effectiveness Define & Implement SOX-ITGC Governance program, SOX ITGC framework in line with any relevant best practices, create and maintain central repository for documentation of controls for all the in scope applications and services, define accountabilities and responsibilities among functional and IT teams, define Control Documentation Requirement guideline & Control Execution Guideline, define Control Testing Requirement, define remediation planning documentation & Execution Requirement Timeline, define and implement the ITGC framework.
Train and coach control owners to understand the control and implement the control (by agreeing to the remediation plans).
Identify areas of potential improvement for key processes and procedures and supports the management of the related processes and procedures.
Responsible for maintaining and updating all aspects of the internal SOX compliance. 2.2.Risk Management - Remediation & Mitigation Responsible for driving SOX ITGC to meet requirements for SOX compliance Framework.
Ownership of all internal and external SOX audits, ensure and facilitate remediation and mitigation as recommended by external auditors and enable internal stakeholders to implement the control effectiveness, performing initial reviews of evidence submissions and performing subsequent project management tasks.
2.3. Program Ownership, Business & Customer Engagement Responsible for drive and executing periodic SOX ITGC Compliance assessments, lead and drive control effectiveness with Internal and External Audit teams.
Responsible to define & publish KPI metrics for SOX Compliance areas. Responsible to understand information security requirements from external customers and execute projects to comply with requirements.
Guide the functional IT team members and review the ITGC implementation performed by the team. Identify gaps in the control process and operating environment for all the in scope applications and services.
Assists the senior management in defining the control objectives and monitoring compliance efforts. 2.4. Governance, Monitoring & Reporting
Define and implement SOX Governance and drive program level monitoring with service owners across all IT for SOX ITGC deliverables.
Track the evidence submission, remediation & mitigation plans and publish dashboards weekly / monthly / quarterly. Take proactive measure to mitigate the gaps and strengthen the business control processes.
Report SOX Compliance status and required action plan to senior Management. Serve as a liaison between internal and external auditors.
Stays abreast of changes in SOX regulations to ensure timely compliance. Responsible for working with different business owners on implementation, execution and compliance with entity level controls.
Evaluates the review and analyzes data pertaining to information systems functions relative to Sarbanes-Oxley compliance.
Develop and conduct SOX compliance training to control owners and control operators.
We offer :