摘要
About the Role
Major accountabilities:
- In addition to accountabilities listed above in Job Purpose:
- Develop, document, and maintain a comprehensive framework of IT general controls for the ICFR program, aligned with relevant regulatory requirements and industry best practices.
- Oversee the review and enhancement of existing SOX control processes, ensuring effective controls design and implementation related to IT systems.
- Collaborate with IT, finance, and business teams to identify key IT systems, applications, databases, and technology assets impacting accurate financial reporting.
- Lead risk and impact assessments to identify and evaluate potential non-compliance in SOX IT relevant processes, driving the design of appropriate controls for mitigation.
- Plan, scope, and oversee the execution of IT-related SOX audits, including the definition of key control objectives, test plans, and effective testing methodologies.
- Review control test results, findings, and recommendations for remediation, ensuring clear communication and collaboration with relevant stakeholders.
- Stay current on changes in regulations, emerging risks, and evolving industry standards, driving the implementation of necessary updates to the control framework.
- Collaborate and build strong relationships with external auditors to facilitate the SOX control testing process and address any findings or recommendations.
- Provide expert guidance and support on SOX IT-related compliance matters, collaborate with cross-functional teams to ensure compliance with Sarbanes-Oxley (SOX) regulations and contribute to the enhancement of our overall SOX control environment.
- Promote a culture of continuous improvement by driving initiatives to optimize the efficiency and effectiveness of the SOX IT control environment.
Key performance indicators:
- Effectiveness and adequacy of the IT general controls framework, with high-quality documentation and alignment with regulatory requirements and industry best practices.
- Quality and timeliness of SOX IT approach and methodology enhancements.
- Alignment and collaboration level of SOX relevant systems with Finance and IT teams.
- Successful and timely completion of IT-related SOX audits, delivering clear control testing results and actionable recommendations.
- Strong collaboration and positive working relationships with cross-functional teams and external auditors.
- Leadership in driving continuous improvement initiatives for the enhancement of the SOX IT control environment and overall compliance program
Minimum Requirements:
Work Experience:
- Minimum of 10 years of experience in IT audit, IT risk management, IT compliance, or a similar senior role
- Deep understanding of SOX compliance requirements, internal control frameworks (e.g., COSO), and IT auditing standards (e.g., COBIT).
- Proven track record of leading and overseeing IT-related SOX audits, including scoping, testing, and reporting
- Experience working cross-functionally and trans-nationally
- Extensive knowledge of IT systems and processes, including system development life cycle (SDLC), IT infrastructure, and cybersecurity.
- Collaborating across boundaries
- Influencing without authority
EDUCATION:
- Bachelor’s degree in Computer Science, Information Systems, Accounting, or a related field. Advanced degree preferred.
- Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or similar credentials preferred
Skills:
- Information Security Risk Management
- IT Governance
- Cyber security
- Influencing skills
- Stakeholder management
- Business Partnering
- Communication skills
Languages :
- English.
Why Novartis: Helping people with disease and their families takes more than innovative science. It takes a community of smart, passionate people like you. Collaborating, supporting and inspiring each other. Combining to achieve breakthroughs that change patients’ lives. Ready to create a brighter future together? https://www.novartis.com/about/strategy/people-and-culture
Join our Novartis Network: Not the right Novartis role for you? Sign up to our talent community to stay connected and learn about suitable career opportunities as soon as they come up: https://talentnetwork.novartis.com/network
Benefits and Rewards: Read our handbook to learn about all the ways we’ll help you thrive personally and professionally: https://www.novartis.com/careers/benefits-rewards