Vacancy expired!
Resp & Qualifications
Sr. Compliance & Control Analyst (AUDIT)
Job code – SCASR
PURPOSE: The incumbent will be accountable for audit management, governance and security controls strategy development and associated execution activities. This includes facilitating audit activities with the business and internal or external audit; collaborating with cross-functional teams to identify and mitigate program risk; implementing an operating procedural governance structure; and reviewing evolving privacy and security controls at CareFirst.
PRINCIPAL ACCOUNTABILITIES: Under the direction of the Manager, Audit Compliance, the principal duties and responsibilities include, but are not limited to, the following:
- Manage and facilitate external and internal audits to ensure that appropriate business owners are fully aware of objectives and can produce and maintain suitable records, reports, and files which adequately document planning, execution, and reporting for all relevant activities pertaining to the focus of the audits and regulations, including documentation and storage of policies and procedures. Prepare status reports and communicate to management as requested.
- Prepare audit work papers, reports, and presentations as requested. Ensure audit conclusions, findings and recommendations for improvement or corrective action are appropriately presented to management staff for review, and verify that all findings are accurate, complete and objective. Ensure effective remediation plans are developed, tracked and implemented.
- Utilize audit findings and proactive audit preparatory work to institute technical and procedural controls to mitigate future findings. Work with project business owners to proactively assess and identify privacy, security, business continuity, or organizational risk vulnerabilities in proposed projects, and recommend mechanisms or systems controls to mitigate the risks.
- Work with Management and Business to develop an enterprise-wide governance framework, collaborating with interdepartmental groups to ensure widespread adoption, communication and education.
- Lead development and manage maintenance of a dashboard reporting system to support strategy and business operations decision-making. Manage the governance program road map, proposing new activities and leading associated action steps as defined by senior management or an advisory council. Lead assessment of any proposed governance activities to identify overlaps, operational impacts or potential risks.
- Establish and evolve an internal control self-assessment process, leading its execution throughout CareFirst, designed to improve the technical and administrative safeguards within the organization. Craft action plans and control recommendations to close operational and technical gaps identified by the assessments or audit findings. Assess operational reports to recommend and establish new compliance measures, or IT and business process controls that reduce probabilities of future breaches or audit issues. Propose and oversee detection infrastructure.
- Recommend and draft organizational SOPs that align the control environment of the organization with changing regulations, risk framework modifications and privacy, security or audit control implementations. Develop, institute and maintain a subsidiary procedure repository and change control infrastructure. Coordinate departmental procedure maintenance assessments and enhancements based on control and regulatory changes. Establish a governance structure around SOPs and management directives and develop associated communications and training materials.