Beschreibung
Für einen Kunden aus der Energiebranche suchen wir derzeit einen Project Management Consultant (m/w/d).Laufzeit: 01.08.23 - 31.01.24
Auslastung: 25 Std / Woche
Standort: Remote und Düsseldorf - Aufteilung nach Absprache
Sprache: English (must), Deutsch (nice to have)
Project description:
This project is about improving the audit-readiness of clients IT function as well as reviewing and updating the Internal Controls for IT Systems. The background to the project is that an effective internal control system is required that is legally binding for the company. These controls need to adequately reflect the changing technical and economic environment, so that they require regular updates.
Aim of the project: Update of Internal Controls catalogue for IT Systems and introduction of these controls. Planned start/end date: August 2023 until January 2024.
Task Description - The scope of services includes the following tasks, which are performed independently:
Primary task:
Consult the clients management what documents need to be provided to the auditors in the context of IT General Controls (ITGC) Year End Audit activities. Present and share the consolidated results of the executed Internal Controls with the internal Auditor.
Collect written communication (email + PowerPoint slides + other written means of communication) for all relevant internal and external stakeholders (100+ people) that are documented in the internal Enterprise architecture system of their responsibilities in external IT Audits.
Inform all stakeholders about changes in the clients internal controls framework and if IT application specific controls need to be adjusted. The information who is filling what role is captured in the clients Enterprise Architecture System. For each IT application there is a defined group of people/roles that take care of managing and maintaining the IT application. These roles and their responsibilities are defined in the clients Internal Control System. Affected IT applications are SAP systems, Energy Trading and Risk Management systems, Price Calculation Tools, Procurement Systems, Dispatch Systems.
Identify actual and potential control deficiencies and present the IT compliance status to the clients based on the specified controls (approval of user changes). The “IT Compliance Status” consists of an overview of the identified and potential control weaknesses. The point of reference is the clients defined IT Controls Catalogue. The updates will be on a monthly frequency. Present the results to the management. Used tools are MS Office tools.
Consult the clients stakeholders on the IT audit results that affect them and propose suitable remediation measures.
Provide a set of written instructions that are part of the internal controls definition for defined control performers so that they understand what is expected of them in relation to internal controls.
Consult internal stakeholders on assessing IT compliance risks and defining adequate mitigating measures.
Consult the clients IT management in the IT Roll-out of IT controls. Create documentation about the results and present it to the client
Identify improvement measures / potential for automation controls. Create documentation with recommendation and present it to the client for a sign off.
Skills:
- English must have (business fluent),
- German (nice to have)
- Demonstrated work experience as IT audit and IT compliance practitioner, preferably at one of the “big four” auditing companies
- Team player who is not afraid to step out of his/her comfort zone
- Autonomous and diligent manner of working.
- Strong communication skills
- IT Project Management experience
Advantage
- SAP, in particular usage of SAP GRC and default SAP functions to ensure IT compliance responsibility
- Knowledge of relevant assurance standards (e.g. ISAE, SOC) and standard frameworks relevant for the utilities and energy trading sector (e.g. KRITIS, ISO27001, EU GDPR etc.)