Job Description :
Role name: Business Consultant
Location : Indianapolis, IN
Duration (Months) 12
Experience (Years) 8-10
Competencies: SAP Security & Authorization, SAP GRC Process Control (GRC-PC)
Essential Skills:
Need a resource who is experienced in business process analysis, application security, controls design and implementation.
Configured and implemented SAP GRC 10.1 Access Control suites
Excellent understanding of Risk Analysis, Remediation and Mitigation process.
Understanding of Role and User level evaluation of system specific design against SOX governing policies.
Update the overall GRC strategy document to include PC strategy, including establishing testing strategy and protocols, training strategy and protocols, knowledge transfer plans and project communication protocols for PC team
Support master data definition workshops around master data design and requirements, review of missing data elements in the risk and control matrix (RACM) and design of GRC PC control catalog
Support the definition of controls for Continuous Control Monitoring (CCM)Support design workshops for PC workflow processes, business rule naming conventions and establishing roles and responsibilities (RACI)
Support design workshops for identifying and designing CCM rules, identifying required data sources, connectors, filters, conditions, etc.Confirm the build of the centralized, risk and controls repository and integration between SAP GRC Access Control (AC) and PC to link mitigating controls to segregation of duties rule violations set-up
Confirm CCM build to cover control requirements
Role Description:
Lead team to define global security template based on SAP security best practices and business security requirements including new generation SAP technologies-S/4, HANA, Fiori security.