Our client requires a Governance, Risk & Compliance (GRC) Product Owner to support compliance activities, initially by driving widespread adoption of, and value from, a successful ServiceNow GRC deployment throughout the group of Operating Companies globally. You would also support the compliance team with data analysis and admin work.
Our client is in the process of deploying ServiceNow Governance, Risk & Compliance (GRC). Strategic imperatives for the GRC include: efficiency gains; improved visibility, transparency & accountability; improved agility & scalability; and better management of business risk.
The rollout of the GRC is underway with deployment of a standard platform for issues management & action tracking. This supports existing internal audit and SOX programmes, particularly facilitating remediation processes.
Future work includes a governance & compliance structure, as well as an end-to-end risk management process, providing survey functionality and enhanced reporting across not just audit, but multiple other business lines. The information is core to the effective operation of the group's compliance functions.
Purpose of The Role:
Lead successful deployment of the GRC tool.
Once the planned GRC implementation and deployment phases are complete, the programme will seek to drive wider and deeper use of the GRC, as well as to engage in other projects and tasks - such as data analysis from the GRC - to support the Compliance and Sustainability teams.
This is a new role and, as such, the operational definitions and exact scope of responsibilities will be developed by the GRC Product Owner in conjunction with the Project Sponsor, the Director of Internal Audit, and the Head of Compliance.
Specific tasks include managing user connectivity across multiple ADs, ensuring role-based access & workflow are operationally effective, and delivering effective change across multiple Opcos, thus ensuring the right people have an easy-to-use portal to relevant and collated information to enhance compliance across a broad range of functions.
The role reports to the Head of Data and Insights, supporting Internal Audit and Compliance.
There are three separate areas of principal responsibility:
- Ownership, including managing requirements, representing system users, owning and prioritising the product backlog, consolidating decision-making, managing stakeholders, and benefits delivery.
- Business Analysis and requirements gathering, including interviews, process & procedure documentation, and user story definition, to ensure requirements are understood, agreed, and can form part of future delivery.
- System Ownership, engagement with the group internal IT Company, the IT transformation partner (IBM), as well as service management of the 3rd party responsible for GRC system configuration, deployment, support & maintenance.
Examples of specific responsibilities include:
- Experience in leading a variety of programmes & projects (and teams), with scale.
- Managing multiple stakeholders and their objectives.
- Experience in managing the financials of projects.
- Previous involvement in and management of transition, operations/service management, and process change.
- Financial, technical, change management and audit-related experience.
- Professional services background preferred.
- Vendor Management
- Manages and owns responsibility for the work and financial performance of third parties, including the GRC software owner and the implementation partner.
- Willing to immerse in all aspects of projects to deliver successfully ("sleeves rolled up").
- Engages with multiple people in the Company cooperatively, with clarity and persuasively.