Control Assurance

The role’s primary purpose is to support the ongoing management, maintenance and assurance of the Financial Controls Framework (and to ensure compliance with the revised UK Corporate Governance Code - and specifically provision 29). Delivery of the annual scoping exercise, assurance testing & reporting of controls to cover the associated risks. This includes management of Self-Assessments issued via Synergi and/or ad-hoc targeted testing as appropriate.

Annual scoping exercise

o Update materiality assessment and categorization of controls in the Financial Controls Framework based on most recent financial numbers and risk assessment

o Assess changes in the business that may impact the materiality of the controls in the Financial Controls Framework.

o Design and implement new controls to cover new risks (for eg. growth / changing areas of the business)

o Assess known areas of risk and control weakness as areas of key focus.

o Design an appropriate assurance/coverage plan for the year for the revised controls framework and supporting process map library to ensure all are kept up to date and fit for purpose (to include areas of key focus depending on output of annual scoping exercise).Align plan across other avenues of assurance such as Internal Audit, Ext auditors and Infosys C&C team to avoid over testing.

Assurance / Testing of Controls

o Maintain the online workflow platform (Synergi) used for control assessments, by keeping risk & control libraries up to date and reviewed and managing user access.

o Coordinate the rolling self-assessment of Financial Control Framework standards across all business units, including set up of assessments in the system (Key + Non-Key + Process Maps + ye update) and testing of design and operating effectiveness.

o Provide ongoing training to key stakeholders on the Financial Controls Framework, the assessment process, and the online Synergi system.

o Review and validate the results of the Key self-assessment responses through testing and evidence review in accordance with Group guidance.

o Pull out common themes, understand the root cause of those themes and make suggestions for improvement (for eg. It could be around poor evidence for management review controls). Use these observations to drive improvements across the financial controls framework.

o Review and selectively validate the results of the Non-Key self-assessment responses through testing and evidence review in accordance with Group guidance.

o Produce reporting and analytics on Financial Controls Framework and action plan status (using the Synergi tool output as a base).

o Working with Process and Control Owners to design and implement remediation plans to rectify any control breaches.

Control Improvement / Best Practice

o Setup and maintain Controls SharePoint site. To include (not limited to):

- A methodology / best practice guide and templates to include, 'how to design a quality control' / 'how to evidence operation of a control' / 'what good excel / management review controls look like'.

- Synergi guidance (pull together all existing training / docs + anything more required so control owners have a comprehensive view as well as instruction manual for 'master users').

o Continuously review the Financial Controls Framework and associated processes to:

- Identify opportunities to rationalize (key v non-key assessment)

- Identify any control gaps

- Drive consistency across business units and between UK v Nordics

- Identify opportunities to improve/strengthen controls (bringing experience from previous roles/companies where relevant)

o To support the activities of the Finance team (UKI & Nordics), helping the function to manage risk across all areas of Finance (including areas of transformation and change)

o Educating, training and supporting staff to build risk & controls awareness across Finance

o Change: work across the Finance team to identify and design appropriate controls post change activity (eg. Supplier Funding project / B2B leasing).

o Improve Infosys documentation - ensure all client control points included in Infosys WDs, SOPs and Process maps;

o Working with Infosys to review and assess the impact of Infosys C&C internal control observations. Pull together a risk-based plan to address their observations.

o Interface / Data Controls - known gap / weakness - work with IT to pull a plan together to address the gaps in controls here.

o Work with Internal Audit to understand any controls observations they may have and implement fixes where relevant. Keep them abreast of any changes to the financial controls framework. Align testing of controls where possible to avoid any duplication.

o Work with Ext auditors to align understanding of risk and controls effectiveness, leverage their knowledge and where possible help to improve their ability to rely on our controls.

o Support the Finance function with ad-hoc process and control breakdown (eg. SAP SOD/User Access, AP Fraud issues)

o Work with Group Risk to align controls to the Group Fraud Controls Framework

o Design and maintain instruction manual/master user guide for ‘how to use Synergi’ (from master user pov);

o Prepare updates for the annual report (effectiveness of internal control paper) and Audit Committee where necessary

o Support the Finance function with ad-hoc tasks as and when required.

Minimum 7+ years of Experience.