Internal Audit & Compliance Manager
Vector Logistics
Date: 2 weeks ago
City: Midrand, Gauteng
Contract type: Intern
Permanent
Midrand
Overview
We are a Supply Chain and Sales & Merchandising partner adding value to your business through a fully integrated, temperature-controlled network in Southern Africa.
But we are also more than that. We are people serving people. While we boast the best in tech and infrastructure, our people are our greatest resource. With our skilled, curious, can-do people at the forefront, our assets become your assets, our service your solutions.
Vector’s vehicle fleet includes a food industry first in ‘multi-temperature’ vehicles enabling the company to service business across frozen, chilled and ambient temperature zones on a single delivery.
Job Purpose
To implement the Enterprise Management Framework, maintain the various risk registers and oversee the implementation of the risk management programme and audit programme. To promote and monitor the effectiveness and adequacy of Internal Control processes ensuring good governance in line with King IV and the Companies Act. To actively find solutions to complex Process or Procedural issues. To facilitate and manage the process of mapping, validating, documenting & training key business processes across the business. To lead SAP Authorisations & Access Control ensuring that the right people have access to the right data and systems, preventing fraud or unauthorized access. Ensure the SAP Authorisations process identifies, assesses, monitors, and mitigates risks within the business. To maintain and ensure compliance to the company DOA (Delegation of Authority). Manage the fraud reporting hotline and ensure all reports are properly investigated.
Key Responsibilities
Risk Management
Internal
Qualifications, Skills and Experience Required for the Job
Midrand
Overview
We are a Supply Chain and Sales & Merchandising partner adding value to your business through a fully integrated, temperature-controlled network in Southern Africa.
But we are also more than that. We are people serving people. While we boast the best in tech and infrastructure, our people are our greatest resource. With our skilled, curious, can-do people at the forefront, our assets become your assets, our service your solutions.
Vector’s vehicle fleet includes a food industry first in ‘multi-temperature’ vehicles enabling the company to service business across frozen, chilled and ambient temperature zones on a single delivery.
Job Purpose
To implement the Enterprise Management Framework, maintain the various risk registers and oversee the implementation of the risk management programme and audit programme. To promote and monitor the effectiveness and adequacy of Internal Control processes ensuring good governance in line with King IV and the Companies Act. To actively find solutions to complex Process or Procedural issues. To facilitate and manage the process of mapping, validating, documenting & training key business processes across the business. To lead SAP Authorisations & Access Control ensuring that the right people have access to the right data and systems, preventing fraud or unauthorized access. Ensure the SAP Authorisations process identifies, assesses, monitors, and mitigates risks within the business. To maintain and ensure compliance to the company DOA (Delegation of Authority). Manage the fraud reporting hotline and ensure all reports are properly investigated.
Key Responsibilities
Risk Management
- Implement and promote the Enterprise Risk Management Framework & Programme.
- Conduct regular Risk Assessments and Risk Identification sessions with the Vector Exec team.
- Business Continuity Plan (BCP) – document and ensure the BCP addresses key business risks, is relevant up to date and includes detailed action plans.
- Ensure the Vector’s Risk Registers (Strategic & Operational) highlight key risks the business faces – ensure all risks are appropriately addressed in line with the company risk tolerance appetite.
- Oversee the Risk Audit Programme and provide quarterly Risk Pack Updates for submission to the Vector Audit & Risk Committee. Ensure all underwriting survey or risk audit findings are resolved.
- Promote and drive the Vector Risk Management Standards.
- Ensure year end deliverables are met; including yearend stock process compliance and roll forward accuracy.
- Develop and execute risk-based internal audit plans.
- Evaluate the adequacy and effectiveness of internal controls across departments.
- Conduct operational, financial, and compliance audits.
- Prepare and present audit reports with findings, risks, and recommendations.
- Follow up on audit recommendations to ensure timely implementation.
- Identify internal control gaps and suggest enhancements.
- Responsible for Fraud investigation and reporting.
- Drive Key control and Risk indicator Monitoring (monitor and track key controls, risk measures and indicators in the business).
- Maintain the Vector Limits of Authority document. Promote and guide the business in terms of compliance.
- Lead key business process training (Finance & Operations Workshops/ Risk Management Workshops/ Finance & Operational Business Process training).
- Drive the internal control and compliance culture in the business.
- Drive transactional auditing using analytical tools.
- Ensure the organization complies with applicable laws, regulations, and internal policies.
- Monitor regulatory developments and assess their impact on the organization.
- Develop and implement compliance policies and procedures.
- Conduct compliance risk assessments.
- Deliver compliance training and awareness programs.
- Investigate compliance breaches and support corrective actions.
- Drive GL account & non-stock service material compliance throughout the procurement process.
- Manage the compilation of the GRC rule set and ensure it addresses key control risks in the business.
- Ensure the rule set is aligned with changes in the business and control environment.
- Lead the design of master and derived roles for all functions in the business.
- Responsible in insuring there is a proper control process in place for new users to request ERP access or other system access.
- Responsible in insuring there is a proper control process in place for user request changes to either master or derived roles.
- Responsible in ensuring appropriate mitigations are documented and put in place for all GRC SOD’s and Sensitive access flags.
- Manage the GRC engagement with external audit in the annual ITGC audit.
- Drive a good understanding of business processes and the ability to convert this into technical specifications (role build)
- Responsible to ensure business roles are configured with the minimum amount of risk exposure.
- Advise on business risk mitigation and remediation strategies/controls for risk exposed in the GRC process.
- Manage recommendations on best practices to the business for user access across all areas of the business.
- Responsible for ensuring SAP ERP and other system access is timeously and correctly allocated without disruption to the business.
- Maintain the Vector Delegation of Authority. Promote and guide the business in terms of compliance to the DOA.
- Manage Tip Offs Anonymous and ensure all reports are investigated and feedback is provided to the CEO and Audit & Risk Comm.
- Ensure all banking resolutions are updated with changes in the business or changes in business requirements.
- Ensure any summons served on the company are resolved and do not result in summary judgements against Vector.
Internal
- Senior Management.
- Planning teams.
- Finance teams.
- Customer Teams.
- Operations Teams.
- IT Teams.
- Corporate Support Functions.
- Vector Exec.
- Audit & Risk Committee.
- Board Members.
- External Audit.
- Internal Audit (outsourced).
- Legal adviser.
- Insurance.
- Insurance Assessors & Underwriters (As appointed).
- Customers.
- Suppliers.
Qualifications, Skills and Experience Required for the Job
- BCom (with articles) or, CIA.
- Membership of IRMSA and/or IIASA is advantageous.
- 5 years minimum in internal audit.
- 5 years minimum in risk management.
- 5 years in SAP authorisations (GRC).
- Thorough understanding of the industry and related business risks and the capacity to assimilate and apply this understanding to the benefit of the company.
- A solid understanding of business processes, risks and controls (including those related to ERP systems).
- A solid understanding of IT risks and controls.
- A solid knowledge of enterprise risk assessment and management.
- A high-level understanding of fraud risk management, fraud detection and investigative techniques.
- A high-level understanding of SAP modules (FI/CO, MM, WM, BW, SD, GRC).
- Broad knowledge of operations and systems.
- Good project management skills.
- Internal audit methodology.
- King IV and the Companies Act.
- Process improvement expertise.
- Computer assisted audit techniques expertise.
- Data collection and analysis expertise.
- Solid knowledge of pricing models.
- Solid knowledge of business insurance.
- Ability to encourage collaboration with other team members.
- Excellent at problem solving and high analytical skills.
- Strong business acumen in all aspects.
- Strategic influencing ability.
- Must display a high attention to detail.
- Must display an ability to interact at senior management level both internal and external to the business.
- Must be willing and able to travel.
- Ability to work independently.
- Independence.
- Objectivity.
- Diplomacy.
- Initiative and assertiveness.
- Tolerance of stress and pressure.
- Creativity.
- Proactivity.
- Attention to detail.
- Deadline driven.
- High level of integrity and ethics and able to maintain confidentiality.
- Able to interact at all levels of the organization.
- Able to plan ahead and manage time.
See more jobs in Midrand, Gauteng