
Governance, Risk and Compliance Manager (m/f) - Germany  

Celesio (company)


Posted on: 20 April 2017

Project Description

For our Head Office we are looking for a Governance, Risk and Compliance Manager (m/f)

 Principal Tasks and Responsibilities: 
  • Defining, documenting and promoting the Governance, Risk & Compliance approach and methodology across the ERP Programme
  • Coordinating the GRC team and its involvement across the ERP project teams, thereby enforcing the consideration of / adherence to all relevant regulations (SOX, GxP, internal controls)
  • Supporting the development of GRC / Internal Control requirements and their design per functional area, in close cooperation with the Global Process Owners (GPOs) and Global Solution Architects. Working with the GPOs to identify key business process risks in the URS and key controls for these process risks
  • Setup and maintenance of the Key Risk & Key Control List / Risk Control Matrix
  • Coaching and educating ERP project members on GRC and authorisation requirements, and providing industry best practices for their functional areas
  • Managing all GRC-relevant stakeholders of the project (SOX office, QM, internal audit, Compliance office…)
  • Guiding and managing the authorisations team to deliver and maintain a best-practice authorization strategy, the Workplace design (SAP Roles), segregation of duties (SOD) and sensitive access requirements (SA). This includes oversight of the setup of global and local roles and associated testing activities  

Profile required: 
  • Bachelor's degree or higher and 10+ years of working experience, at least 5 years of management experience in a GRC-related role
  • SOX knowledge (in TOD and TOE design for Business part) and experience in SOX testing and attestation support
  • Strong SAP knowledge (should have worked in SAP teams/ areas) and SAP ERP project management experience, ideally related to GRC activities
  • ITIL process know-how in Change Management, Service Validation & Testing
  • Ideally GxP knowledge and experience in Annex 11 (system validation via V-model) – similar to SOX IT general controls
  • Ideally experienced in business process modelling and associated tools (ideally Signavio)
  • Overall Quality Management knowledge
  • Basic Authorization knowledge (about SAP roles and user access management, SOD in SAP)
  • Optional: Wholesale / Retail / Pharmacy knowledge
  • Assertive and persistent
  • Strong leadership and communication skills, fluent in English
  • Prepared to travel Europe-wide on a regular basis