IT SOX Compliance Manager

PURPOSE AND SCOPE:

Support management of IT SOX compliance and related IT general and application controls at the corporate level and distributed among the FMCNA divisions and locations.  Manage the development, implementation and testing of controls for new acquisitions and in-scope entities.  Manage the performance of annual internal control testing.  Facilitate internal and external IT audits including Financial Statement and Sarbanes Oxley audits.  Work with senior management to define remediation/mitigation for internally and externally identified audit and compliance deficiencies and track remediation progress.  Assist in the management of the SAP GRC Process Control system used to document and manage financial and IT processes, controls, testing and remediation.  Support the SAP access provisioning tool used to request, analyze and approve SAP requests.  Assist in the management of SAP roles and the identification and assignment of appropriate SAP role approvers.  Provide audit and regulatory guidance, support and subject matter expertise to the IT organization. 

 

PRINCIPAL DUTIES AND RESPONSIBILITIES:


* Perform process and control assessments for new acquisitions and divisions, entities and locations new to the audit scope for potential IT general controls, application controls and process improvements.  Assist in the definition of remediation plans, activities and retesting for potential issues and process improvement opportunities.


* Perform assessments of in-scope systems, processes and controls to verify that controls are designed appropriately and operating effectively.  Assist in the definition of remediation plans, activities and retesting.


* Facilitate IT management's documentation updates and management assessments of all in-scope FMCNA IT processes based on SOX and audit requirements via meetings with the FMCNA IT Regulatory function and IT management. 


* Participate in preparing periodic SOX 404 reporting to the FMC-KGaA SOX 404 Steering Committee.


* Perform the annual SOX 404 scoping exercise to determine if there are any changes to IT data centers, applications or related processes which should be considered to determine what is in scope for SOX 404 purposes.


* Provide regular updates to the department management (VP and Senior Manager) regarding the status of the SOX testing plans, the issues identified, and solutions to address the identified issues or deficiencies.


* With the IT SOX Compliance Senior Manager, serve as the principal interface with the external IT Audit function and the FMCNA IT function regarding SOX IT audit related matters.


* In conjunction with the FMCNA IT Regulatory Compliance function and the IT external auditor, analyze the SOX testing results and work with management to identify, document and test remediation plans for identified deficiencies.


* Responsible for access certifications of financially significant systems, including segrega...