Company Description
At Informa, no two days and no two people are the same, and you'll find the freedom, opportunity and support of a fantastic community to make a real impact. We’re an international business that connects specialists with knowledge, helping them to learn more, know more and do more through live and on demand events, digital and data-driven services and academic research.
We are home to over 10,000 colleagues across 30 countries and are a member of the UK’s FTSE 100 group of leading public companies. In Global Support, we provide expert guidance and hands-on support to the Informa Group and Informa’s many business teams. Across tech, finance, legal, corporate development, HR, communications, operations and many other areas, we work collaboratively and flexibly to help our brands serve their customers and help the company succeed.
Job Description
As our Enterprise Technology Controls Senior Analyst you will sit within the Enterprise Technology Controls Team and its primary focus is to support the Enterprise Technology Controls Manager to maintain and enhance Informa’s IT controls to ensure they remain effective.
You are required to have a good understanding of Informa as a business, and knowledge of the Shared Service Organisation Process Control environment would be advantageous to further understand the business risks that are presented, and how these are underpinned by the General IT Controls (GITCs).
You will be responsible for the management of the Risk and Control Matrices and will operate within the 2nd Line of Defence to ensure that all IT related Group policies and procedures are adhered to for the applications within the remit of the Enterprise Technology Controls Team, and that controls are designed appropriately to reduce or fully mitigate any identified risks.
The IT control’s function expanded, and the current Enterprise Technology Controls team was established in 2020 to provide Informa management with the continued assurance over the effectiveness of the company’s General IT Controls. The team originally only provided assurance over the 2 financial ERPs SAP, and Oracle, but since its creation it has continued to evolve and is now taking responsibility for other peripheral applications, along with coordinating the IT audit with our External Audit Partners.
The team sits as part of the Technology Solutions and Services (TSS) Group under the Enterprise Technology team, reporting into the Chief Enterprise Technology Officer (CETO) but with dotted responsibilities to the Chief Information Security Officer (CISO) and the Chief Technology Operating Officer (CTOO).
You will initially report to the Director of Enterprise Technology Controls and will work closely with our internal IT teams as well as our 3rd party support providers Mindtree and IBM; liaising frequently with Internal and External Audit, GBS and divisional control teams, and InfoSec with the aim of ensuring that enterprise applications maintain a controlled environment that does not encumber the efficiency of operational activity.
Key Outputs and Outcomes
- Assist with the implementation of the Controls Management System (CMS) AuditBoard for new Risk and Control Matrix (RaCM) deployments, ensuring clear and consistent documentation standards and capturing accountabilities / responsibilities for each material control
- Lead implementations of the various IT Risk and Control Matrices (RaCM), ensuring that any control changes are documented, and that full training is provided to the control owners and performers
- Drive and monitor the remediation of gaps and control deficiencies, ensuring they are captured in line with the issue management processes and standards
- Maintain AuditBoard to ensure risks and controls are updated and there is ongoing compliance across the business with the requirements of the Controls Framework
- Drive the creation and maintenance of the controls documentation to ensure they remain current, for example to consider changes arising from technology and process changes
- Develop and document the testing procedure for each key control, as well as the wider population of non-key controls, assist with the execution of assurance and testing activities on an ongoing basis, liaising with the related testing resources (such as Control Owners and Performers) to refine the testing plan where appropriate, monitor testing outcomes, and resolve control issues
- Actively seek opportunities for control improvements such as the use of automation and new technologies that would benefit Informa.
- Assist with the preparation of adhoc reporting to key stakeholders (including Executive Committee, Audit & Risk Committee and Finance & IT Leadership Teams)
- Coach the Enterprise Technology Controls Analysts to support with the various RaCM implementations and maintenance
- Work with control owners to embed processes and procedures to implement and operationalise controls to ensure they are understood and are operating effectively.
- Liaise with External Audit partners to support with their review of the IT Controls as part of the Group PCAOB audit
- Seek opportunities for personal development to ensure that IT controls knowledge is continuously being enhanced and kept up to date.
Measures of Success
- Successful and efficient management of Risk and Control Matrix implementations
- Reductions in the elapsed time taken to remediate controls deficiencies.
- Successful performance of controls testing and subsequent reporting.
- Continue to see positive results in the external audit, with a reduction in the recommendations being made.
Qualifications
- Strong knowledge of IT controls and security principles essential
- Previous experience of implementing and maintaining IT controls in multi-application environment
- Ability to identify, document and understand IT processes, risks and controls
- Good understanding and knowledge of business process controls within the Shared Service organisation an advantage
- Assessing control design and operating effectiveness; identifying appropriate remediation for control deficiencies and supporting the business to complete them
- Risk aware, knows how to manage identified risks and when to escalate identified risks and issues to other members of the Team or Informa Management
- A drive to deepen controls knowledge, including the application of new technologies to support control performance and testing
- A motivated self-starter who can work autonomously as well as being a team player.
- Proven ability to prioritise, meet deadlines and follow through to completion on projects, requests and tasks
- Practical IT knowledge with skills in Office365 applications
- Experience of being subject to audit highly desirable with specific exposure to PCAOB and SOX audits an advantage
- Ability to provide an excellent level of service to all Informa customers and colleagues.
- Ability to coach, mentor and help develop more junior members of the team.
Additional Information
We work hard to make sure Life at Informa is rewarding, supportive and enjoyable for everyone. Here’s some of what you can expect when you join us. But don’t just take our word for it – see what our colleagues have to say at LifeAt.Informa.com
Our benefits include;
- Freedom & flexibility: colleagues rate us highly for the flexibility and trust they receive and most of us balance time in the office with time working remotely
- Great community: a welcoming culture with in-person and online social events, our fantastic Walk the World charity day and active diversity and inclusion networks •
- Broader impact: take up to four days per year to volunteer, with charity match funding available too.
- Career opportunity: the opportunity to develop your career with bespoke training and learning, mentoring platforms and on-demand access to thousands of courses on LinkedIn Learning. When it’s time for the next step, we encourage and support internal job moves.
- Time out: 25 days annual leave, rising to 27 days after two years, plus a birthday leave day and the chance to work from (almost!) anywhere for up to four weeks a year
- A flexible range of personal benefits to choose from, plus company funded private medical cover
- A ShareMatch scheme that allows you to become an Informa shareholder with free matching shares
- Strong wellbeing support through EAP assistance, mental health first aiders, a healthy living subsidy, access to health apps and more
- Recognition for great work, with global awards and kudos programmes
- As an international company, the chance to collaborate with teams around the world
We’re not solely focused on a checklist of skills. We champion energy and ambition and look for colleagues who will roll their sleeves up, join in and help make things happen. If it sounds like a match and you have most – although not all – of the skills and experience listed, we welcome your application. At Informa, you'll find inclusive experiences and environments where all perspectives and backgrounds are welcomed. As part of this approach and our diversity and inclusion commitments, we are also formally an Equal Opportunities Employer. This means we base decisions on relevant qualifications and merit and do not discriminate on the basis of key characteristics and statuses, including all of those protected by law. Ask us or see our website for full information.
Top Skills
What We Do
Informa is a leading international intelligence, events and scholarly research group. We're here to champion the specialist, connecting people with knowledge to help them learn more, know more and do more.
We're a FTSE 100 company with 10,000 colleagues working in over 30 countries and a presence in all major regions, including North America, South America, Asia, Europe, the Middle East and Africa.
Informa has five business divisions: Informa Markets, Informa Connect, Informa Tech, Informa Intelligence and Taylor & Francis.
We are home to hundreds of leading brands, serving businesses and professionals who work in any one of dozens of specialist markets through brands such as Citeline, Arab Health, CPhI and EBD Group in Pharma, Pharma Ingredients and Biotech; SuperReturn, EPFR and FBX in Finance; Lloyd's List in Maritime; New Hope and Natural Products Expo in Health & Nutrition; Routledge, CRC Press and F1000 Research in Academic Publishing; Black Hat in Cybersecurity; AI Summit in Artificial Intelligence; and many more.