IT Risk and Controls Testing Analyst

Overview

The Risk and Controls Testing Analyst will assist with planning and reporting on our compliance requirements across IT and ongoing work to ensure the organization can provide timely certification of compliance. The core focus will be the testing of IT General Controls (ITGC), Key Reports for SOx Compliance and other audit requirements. The role requires a clear testing timeline to be met, ensuring documentation is complete and accurate to satisfy external auditing by external parties. The Office of the CIO is involved in numerous initiatives within the IT function. The main function of this role will be to undertake control testing of ITGCs with a particular focus on the planning and execution of SOx control testing. Involvement in other initiatives will be as determined by the line manager.

Core Responsibilities

• Internal control testing (ITGCs) – Perform the execution of the IT SOx annual plan, ensuring efficient and timely execution of all stages of the IT SOx program – Planning, Execution, Delivery & Reporting.
• Create and maintain all documentation relevant to IT SOx program such as walkthroughs, testing and controls evaluation
• Participate and drive detailed control walkthroughs from an internal audit testing front
• Review internal controls documentation and understand the key ITGC controls. Establish, plan, coordinate and deliver controls testing.
• Prepare and maintain detailed, high-quality working papers that document the testing strategy, samples selected, test results, and conclusions.
• Coordinate and implement testing of key IT controls (ITGCs and some application controls, Report Testing as required), track completion, monitor status and follow up with process/system owners.
• Develop and maintain close working relationships with IT management teams as well as external auditors, ensuring a deep understanding of key risks and processes of the organization.
• Understand SSAE 18 (SOC1 Reports) and awareness of key regulations and how they interface with SOx compliance activities and data handling practices.
• Ensure internal control deficiencies are identified, reported, tracked, remediation progress is followed up and re-tested
• Ensure control improvements are identified and shared
• Support quarterly controls self-assessment process
• Support maintenance and upkeep of internal logs/trackers to ensure tracking and reporting

Risk and Issue Management

• Identify, assess, and manage risks and issues
• Escalate to stakeholders for support and decisions where appropriate

Collaboration with External Auditors

• Work closely with external auditors to align on testing timelines and requirements
• Facilitate and accelerate the testing process wherever possible
• Address auditor queries and ensure that evidence documentation is provided in a timely manner

Stakeholder Communication

• Communicate effectively with Control Owners, Operators, IT Directors and other senior stakeholders
• Ensure all stakeholders are informed about progress, risks, and issues
• Promote awareness and understanding of ITGC and SOx requirements across the organisation

Requirements

Experience

• Have proven experience in a recent position as an IT Auditor (preferably at Big Four or other accounting firms) or equivalent experience in SOx IT program in a public company environment.
• Strong interpersonal, communication, and analytical skills
• Experience with GRC Tools or SOx compliance software preferred
• Continual self-development through training, seminars and relevant certifications

Key Competencies

• Detail-oriented with a strong focus on accuracy
• Proactive and results-driven
• Strong organisational and time-management skills
• Ability to influence and collaborate with cross-functional teams
• High integrity and confidentiality
• Ability to clearly articulate findings and communicate results to management

Autonomy

• Works under general direction within a clear framework of accountability. Exercises substantial personal responsibility and autonomy. Plans own work to meet given objectives and processes.

Business Skills

• Communicates fluently, orally and in writing, and can present complex information to both technical and non-technical audiences.
• Plans, schedules and monitors work to meet time and quality targets
• Facilitates collaboration between stakeholders who share common objectives
• Understands the importance of security to own work and the operation of the organisation
• Uses appropriate methods, tools and applications
• Demonstrates an organised approach to work
• Aware of health and safety issues
• Identifies and negotiates own development opportunities
• Has communication skills for effective dialogue with key stakeholders, customers, suppliers and partners
• Ability to work in a team
• Ability to plan, schedule and monitor own work within short time horizons
• Follows procedures, keeps records, and cares for equipment and other assets
• Teamwork – works cooperatively with others to achieve a common goal
• Attention to detail – applies quality standards to all tasks

Qualifications

• Professional certification such as CISA, CRISC, CPA or willingness to pursue professional qualification
• 4 to 7 years of hands-on experience with various aspects of IT SOx including application scoping, flowcharts, risk-control matrix, testing, evaluation of deficiencies and remediation testing

Benefits

• Competitive salary
• Hybrid working
• Rentokil Initial Reward Scheme
• 23 days holiday, plus 8 bank holidays
• Employee Assistance Programme
• Death in service benefit
• Healthcare
• Free parking

EEO Statement

Rentokil Initial is an equal opportunity employer. We encourage applications from individuals from all backgrounds and experiences. We are committed to creating an inclusive environment where everyone can thrive. If you have any accessibility needs or specific recruitment considerations, please contact us.

#J-18808-Ljbffr…