UIT - ERP Systems - Application Architect

Task description: The scope of services includes the following tasks, which are independently performed by the external consultant:

Uniper Support & Cross Functions (SCF, consisting of intenals and externals) Audit Management - SAP area

- Review of existing IC (internal controls) catalogue in respect to new process requirements. Controls based on COBIT framework. The access will be provisioned by Uniper/project. Review means here to verify if the control definition is still matching current scope (SAP systems) and regulations. Verifying, if the Uniper teams are able to deliver on them.

- Redesign, based on discussion with application managers and optimisation of the existing Uniper SCF IC Audit relevant processes. The consultant will present to the hiring manager. He will sign it off.

Used tools: Symbio, Visio, Office 365, Process mapping methologies, optional: Connect (PWC tool).

- Output verification with Internal & external Audit teams.

- Coordination of delivery of SCF monthly/ quarterly/ yearly and ad-hoc audit activities. Uniper will provide the consultant with the necessary information about the activities. The consultant has to verify that the timeline is clear to everybody and check, if all Application Manager (AM) delivered in time.

- Advise and consult of SCF teams in scheduling, requirements gathering, training, delivery coordination, quality checking of assigned audit tasks.

- Issue resolution and risk mitigation. The consultant defining a plan, how to not having the risk. Implementation would be performed by AM teams.

SAP GRC Process Control (Ver. 12)

- Definition (based on Consultants expertise) of Governance model for GRC PC platform (ITIL processes, RACI). The consultant has to present to the hiring manager and Application owner, They will sign off.

- Functional consulting (to GRC PC AM team) on implementation of SAP GRC PC for Audit processes / Process management for relevant IT Controls.

- Creation & Implementation (documentation) of:

o   Automation, semi-automated & Manual controls

o   Design of operational, support & escalation processes

o   Regulation definition & alignment (Alignment to be replaced by UAT.)

o   Functional & operational role definition of RACI for the GRC PC solution.

o   Control compliance reporting & evidence consultation of Internal & external Audit teams

o   Stakeholder Management; Moderation of meetings, identification of relevant stakeholders for specific tasks.

o   Operational execution of Automation, semi-automated & Manual controls ensuring control compliance. Sing off in form of acceptance of efforts in Fieldglass and confirmation by Application owner (email).