Develops and manages a sustainable process to manage McKesson's ongoing responsibilities associated with the Sarbanes-Oxley Act of 2002
Trains management of relevant business units in regards to their ownership of the process
Serves as a liaison between the business units, corporate Information Technology (IT), finance & accounting, and the external auditors in all aspects of Sarbanes-Oxley
Monitors control design and operating effectiveness
Assists management in developing remediation plans to address deficiencies
Ensures that changes to the strategy and structure of assigned business units are evaluated for the potential impact to Sarbanes-Oxley responsibilities
Sarbanes-Oxley / Compliance Responsibilities
Maintain an understanding of Sarbanes-Oxley legislation, PCAOB Standards, and other relevant guidance issued regarding Section 404 and the impact to the IT environment
Manage positive and collaborative relationship between corporate IT, business unit IT departments and RCG
Obtain an in-depth knowledge of the McKesson systems, network infrastructure, underlying technologies and security controls within the assigned business units
Collaborate with other RCG managers to establish Sarbanes-Oxley plans and objectives, specific to application controls
Support the development and implementation of each IT department's self-assessment of IT general controls, where applicable
Lead and perform procedures to examine the effectiveness of IT general controls
Document testing performed in a clear and concise manner using standardized application tools and document templates
Identify gaps in control design and control operative effectiveness of IT general and application controls and assist IT management with related remediation measures
Monitor implementation and completion of remediation efforts
Monitor corporate IT and business unit creation and maintenance of IT process documentation to ensure documentation exists for all relevant processes and is updated in a timely manner with changes to systems, general controls or application specific controls
Regularly interact with senior management or executive levels on matters concerning status of Sarbanes-Oxley procedures performed and issues identified
Assist the department in the use of computer assisted audit techniques, as necessary
Able to connect top level strategy with IT general and application controls
Supports assigned business units with the continuous evaluation and strategic improvement of its IT environment
Maintain an intermediate understanding of internal and external strategic goals, strategy implications for the unit(s) supported, including existing McKesson processes and current initiatives
Assist IT management's development of plans for continuous improvement of controls
Detailed knowledge of customer processes and financial / IT process pain points
Problem solving and delivering cost effective solutions
Manage RCG's value adding projects for its business unit customers
Create value adding business partnership with RCG BU customers
4+ years experience focused on information systems audit or an equivalent breadth of experience in information security, systems, and network technology, including managerial experience;
Experience with auditing application controls; and Experience as an external auditor
Thorough knowledge of Sarbanes Oxley legislation and PCAOB Standard #2201
Able to exercise professional judgment within defined procedures
Able to apply concepts of materiality to testing and evaluation of results
Able to independently evaluate the effectiveness of controls to prevent errors in financial reporting
Intermediate knowledge of automated and manual application controls
Strong interpersonal skills to build / maintain ongoing business relationships
Additional Knowledge & Skills
Performs all job responsibilities with integrity
Effective communications skills at every level of the organization
Thorough knowledge of auditing policies, practices, and systems
Understanding of the SSAE 18 / ISAE 3402 auditing standard is preferred
Understanding of process improvement and best practices
Understanding of data analysis tools and concepts
Undergraduate degree in business, accounting, IT, internal audit or related field with focus on information systems or equivalent work experience.
Certifications / Licensure
CPA, CIA, CISA or Six Sigma certification preferred
Working Conditions :
General Office Demands
Alpharetta, GA Office Location
Travel up to 15%
Must be authorized to work in the US. Sponsorship is not available for this position.
McKesson is an Equal Opportunity / Affirmative Action employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
Qualified applicants will not be disqualified from consideration for employment based upon criminal history.
McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities.
If you need a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to McKessonTalentAcquisition mckesson.
com . Resumes or CVs submitted to this email box will not be accepted.
Current employees must apply through the internal career site.
Join us at McKesson!