Uniper
Application Architect
Task description - The scope of services includes the following tasks, which are performed independently:
In 2023 a number of changes are impacting our SAP area. As a consequence of change in the ownership structure of Uniper and even stronger emphasis on the Internal Controls, in this respect by updating existing ones and introducing new IC controls into the SAP ecosystem. The goal is to adjust to all these changes.
Advisory on extraction of so called ‘populations’ for the needs of external IC Audit (auditor currently is PwC company)
Evaluating and providing action-recommendations in case of audit findings to Hiring manager and AC Leader.
Advisory on integration of new controls into the SAP area, meaning process adjustments as well as technical implementations. (The implementation itself is intended to be delivered by an independent external supplier.)
Review of Audit related processes and consultation to SAP Stakeholders (Application managers, Uniper Security team etc.) on the IC relevant aspects of auditing SAP ecosystem.
Monitoring and continuously evaluating accesses to HANA DB, Oracle DB and SAP (ERP, BI, ISU) systems. In case of findings (unauthorised access, access of user bypassing the Uniper Auth. change process), forward this to the Leader of Access Control team.
Document and upload all the activities and outcomes above on the Uniper AC Sharepoint for approval by the Hiring manager (or delegate).
Provide the above mentioned based on own expertise as well as best practice available on the market / internet / SAP information repository, being it IC / IT Controls, SAP technology and SAP security (authorisation) management.
Appear clearly as an external consultant of Uniper whenever interacting with external parties.
Key skills
Large Audit Experience (Experience working with PwC is a plus)
Technical knowledge of SAP systems to interpret the generic IT controls through SAP
Experience in implementing IT controls
Uniper provides all necessary information, access to the systems and requirements in advance.