职位描述:
Responsibilities:
-Initiate, own and co-ordinate control processes with particular emphasis on SOX (Sarbanes Oxley) and any other internal processes.
-Understand and familiar with IBM FICs (Framework of Internal Controls) requirements and develop KCO testing plans, execute tests and report onto WW tools (GCDB, WWBCIT, WW BCRM, ITT, CSA DB, RADB etc.)
-Consolidate and perform CSA (Continues Self Assessment) per quarterly cycle, working with Corporate Business Controls, AP EDM SARM & AP Compliance Operation team.
-Work with ISSC Business Controls team, attend and facilitate ISSC QCM (Quarterly Certificate of Management) process and other ISSC control activities.
-Perform Risk Management to facilitate any Corporate Audit, CARs, Peer Review, BC Proactive Review, SPR, SAS70 review, QA reviews etc.
-Work with Delivery Teams to ensure security compliance to ITCS104, GSD331 or other ITD guidelines. Track and close any delivery issue out of KCO test, Compliance report and audit/review.
-Become key member in ISO 20000 implementation and audit.
-Provide solid and advisory consultation and assessment to management and cross competency.
Requirements:
-B.S degree or above in Computer Science, Business Administration or related disciplines
-Good English/Japanese skills are required
-IT Security or auditing experience or qualifications is desired. (e.g. CISA, CISSP, CIA, ISO7799/27001 LA etc).
|
