Select Page

Job Role

  • Be responsible for supporting the Head of SAP GRC in managing and delivering an efficient Financial Control and Compliance environment for SAP S/4 HANA and related finance systems, with a focus on centralisation, standardisation, automation, and optimisation of financial control compliance processes.
  • The SAP GRC CoE with its Internal Financial Control (IFC) function acts as a second line of defence in support of Business Units’ own financial control and compliance environments.
  • Partner with the Head of SAP GRC and Business Unit Heads to promote adherence to agree upon financial control compliance processes. 
  • Support for the identification and reporting of non-compliance and recommendations on how this can be addressed.


GRC Strategy Development

  • Support the Head of SAP GRC in the development of the GRC strategy for SLS to ensure greater

compliance to required standards.

  • Support various strategic initiatives ensuring greater compliance and awareness in support of realising the GRC strategy.

Financial Risk and Controls Support

  • Act as second line of defence in the design, implementation, and management of control processes and documentation by supporting the IFC function with maintaining  financial risks and controls in the SAP GRC tool:
  • Maintenance of GRC Master data: organisations, processes, risks, controls, control  performers/owners, firefighter owners/controllers, risk owners, role owners etc. in the repository (Process Control).
  • Creation, testing and maintenance of new  automated business rules and assignment to controls (CCMs).
  • Creation of test plans for key controls.
  • Support management in the identification, design, and implementation of IT General Controls.


  • Continue to identify, design, and implement optimisation opportunities in the financial control and

compliance environment through innovation and automation.

Support SAP GRC Solution

  • Support the management and delivery of financial controls through SAP Access Control 12 and Process Control 12 applications:
  • Maintenance and Innovation of SAP Access Control and Process Control Processes, Technical Design including configuration. Processes include Access request management, Access Risk Analysis, Emergency Access Management and Business Role Management.
  • Support in role design and approval by collaboration with the SAP Security team.
  • Maintenance of all SAP GRC design documentation as a result of technical design updates being made to the tool and processes.
  • Support the SAP Security team in analysis of access risk analysis reports to remediate access risk violations.
  • Maintenance of Access Control custom  ruleset at conceptual and permission/action level.
  • Design, implement and maintain mitigating controls in SAP GRC.
  • Deliver on SAP Access Control and Process Control reporting requirements from stakeholders.
  • Resolve SAP Access Control and SAP Process Control incidents alongside SAP IT function.
  • Liaise with the IT function for the maintenance and support of the SAP GRC solution.
  • Create and maintain standard operating procedures and training material relating to GRC processes.
  • Provide training to end users with regards to processes in SAP Access Control and Process Control.
  • Perform SAP Access Request administration activities.
  • Schedule manual control procedures for regular execution (MCPs and CSAs).
  • Schedule and monitor automated business rules for all CCM controls.
  • Schedule UAR and SOD review workflows.
  • Perform user acceptance testing of new and existing functionality in SAP GRC.

Stakeholder Integration

Support the Head of SAP GRC to operate as liaison between Business Unit management (first line of defence) and key stakeholders that include Internal Audit (3rd line of defence) and External Audit (4th line of defence).



  • Bachelors degree in Finance, Audit, or relevant field from a recognised institution.
  • SAP certification is an added advantage.


  • 4 years  functional experience in SAP Technology.
  • 3 years experience in Risk and Compliance processes and controls.
  • Functional, basic technical understanding of SAP Process Control is an added advantage.
  • 2 years comprehensive experience in SAP Access Control.

Knowledge and Skills

  • Functional, basic technical understanding of SAP Fiori is an added advantage.
  • Functional, basic technical knowledge and understanding of S/4HANA Security is an added advantage.
  • Audit or internal financial controls experience in SAP environment (S/4HANA) is an added advantage.
Verified by MonsterInsights