The SOX Compliance function is responsible for oversight and management of the Viacom SOX program and activities supporting the quarterly and annual SOX certification. The group is responsible for the company’s annual scoping and risk assessment, including identification of key controls, maintenance of process documentation, independent testing of controls, and assessment/ evaluation and reporting of deficiencies.
The Director, IT SOX Compliance will be responsible for day to day execution of the IT SOX program, under the direction of the VP SOX Compliance. The Director will manage a team of managers in various company locations.
The Director is a skilled IT professional who uses his/her deep knowledge of systems and controls to support the department’s initiatives which include determining propriety and efficiency of control structure, streamlining controls, assessing new systems and their impacts on our controls, and overseeing the system pre-implementation process to ensure systems are implemented properly and with minimal risk to the company. The Director IT SOX Compliance is an integral part of the team, serving as a representative to stakeholders in IT, Legal, Information Security, and internal/external audit regarding IT Compliance related efforts.
- Annual scoping assessment (in conjunction w/ business process) of applications and related ITGCs, interfaces, reports, and automated controls.
- Alignment with external auditors on scope and scope changes throughout the year.
Quarterly Testing & Reporting
- Development of team testing plan
- Review of team quarterly controls testing
- Escalation IT Compliance related issues or concerns
- Reconciliation of interim and year-end IT SOX fails with external audit firm.
- Preparation of quarterly IT Compliance results reporting
- Review Service Organization Controls (SOC) reports and prepare relevant assessments and user control consideration mappings
- Oversee system pre-implementation monitoring process to ensure that the proper projects are identified and that key system receive a pre-implementation review prior to go live per Viacom policy.
- Participate in system based projects with potential SOX impact, map system process flows, identify IT control gaps, advise the business on appropriate IT SOX control design, and provide input in system readiness meetings
- Compliance Application Oversight/ Administration and related report development
- Drive standardization and consolidation of divisional IT SOX controls, and alignment with external auditors
- Work closely with internal and external auditors and various IT stakeholders, including information security, server and network operations, and applications development teams to ensure IT Compliance issues or inquiries are properly addressed
- Project manage various SOX Compliance projects and initiatives
- Prepare and present various meeting decks to management