Individuals within the IT Compliance Analyst role are responsible for assisting the organization in accomplishing its objectives by bringing a disciplined approach to evaluating and improving the effectiveness of IT risk management, IT control and governance processes. Persons in this role will be a primary resource for gathering IT risk and controls information and facilitating related surveys and audits. They partner with the IT Compliance managers and director to enhance the IT control environment based on industry or corporate standards.
Members of this role need to have an understanding of software development life cycles, IT SOX controls, industry standard software validation practices (i.e., GAMP 5, 21CFR part 11, FDA validation guidelines), information security principles, process design, and IT compliance management. They must be able to understand business requirements, technical specifications and change management documentation in order to document IT procedures and related information. They must have interpersonal skills and be skilled at written communications.
PRIMARY DUTIES AND RESPONSIBILITIES:
* Assists in documentation of ABC's IT General Controls.
* Assists in identifying Control Owners.
* Working closely with control owners to document IT controls.
* Assists in the monitoring of certain IT General Controls as part of a team.
* Working closely with the business and control owners to document and maintain an inventory of systems that fall into the category of Validated Computerized Systems at PharMEDium; the list will be reviewed annually for accuracy and completeness.
* Document an annual Master validation plan for computerized systems.
* Ensure compliance with the 21CFR part 11 requirements.
* Working closely with business and control owners to conduct the necessary validation protocols (such as IQ, OQ, and PQ) for IT supported validated computerized systems.
* Document the protocols and reports necessary for validated computerized systems.
* Understand the meaning of audit questions and interview IT process owners to document answers.
* Document IT controls and control changes in order for ABC to comply with corporate and regulatory requirements.
* Assists with external compliance initiatives that may include SOX, PCI DSS, HIPAA, FDA and other compliance programs, including the coordination of auditors interfacing with IT staff, guidance for appropriate remediation actions for findings, and communication and escalation of remediation.
* Interact with external and client auditors as part of required reviews of our IT Compliance Controls. Must be able to accurately communicate how IT controls work.
* Stay current with latest changes in external compliance initiatives that may affect the organization's compliance with external requirements.
* Prepare clear, detailed and accurate compliance documentation, including narratives, control descriptions, risk control matrices, test programs, and performance metrics.
* Adheres to policies, procedures and standards.
EXPERIENCE AND EDUCATIONAL REQUIREMENTS:
Bachelor's Degree in Computer Science, Information Systems, Business Administration or other related field, or equivalent work experience. 5 to 10 years of IT compliance or audit experience and a professional certification (CISA).
MINIMUM SKILLS, KNOWLEDGE AND ABILITY REQUIREMENTS:
* Ability to work within a team environment
* Skilled at interacting with internal and external personnel
* Strong interpersonal and analytical skills
* Strong organizational and oral/written communication skills (ability to write policy and procedure documents)
* Comfortable working with management, and ability to work independently on projects
* Ability to travel
* Working knowledge of IT Sarbanes-Oxley requirements
* Working knowledge of GAMP 5, 21CFR part 11, FDA validation guidelines
Posted by StartWire