Package Description
Salary: £80,000-£92,000 depending on relevant skills, knowledge and experience. The expected salary range for this role reflects internal benchmarking and external market insights.
Location: Cardiff Central Square
Contract: 12 month fixed term
We’re happy to discuss flexible working. Please indicate your choice under the flexible working question in the application. There is no obligation to raise this at the application stage but if you wish to do so, you are welcome to. Flexible working will be part of the discussion at offer stage.
Excellent career progression – the BBC offers great opportunities for employees to seek new challenges and work in different areas of the organisation.
Unrivalled training and development opportunities – our in-house Academy hosts a wide range of internal and external courses and certification.
Benefits - We offer a competitive salary package, a flexible 35-hour working week for work-life balance and 26 days annual leave (1 of which is a corporation day) with the option to buy an extra 5 days, a defined pension scheme and discounted dental, health care, gym and much more.
About the BBC
The BBC is committed to redeploying employees seeking suitable alternative employment within the BBC for different reasons and they will be given priority consideration ahead of other applicants. Priority consideration means for those employees seeking redeployment their application will be considered alongside anyone else at risk of redundancy, prior to any individuals being considered who are not at risk.
We don’t focus simply on what we do – we also care how we do it. Our values and the way we behave are important to us. Please make sure you’ve read about our values and behaviours in the document attached below.
Diversity matters at the BBC. We have a working environment where we value and respect every individual's unique contribution, enabling all of our employees to thrive and achieve their full potential.
We want to attract the broadest range of talented people to be part of the BBC – whether that’s to contribute to our programming or our wide range of non-production roles. The more diverse our workforce, the better able we are to respond to and reflect our audiences in all their diversity.
We are committed to equality of opportunity and welcome applications from individuals, regardless of age, gender, ethnicity, disability, sexual orientation, gender identity, socio-economic background, religion and/or belief. We will consider flexible working requests for all roles, unless operational requirements prevent otherwise.
Job Purpose
The role sits in Group Finance Central – Risk and Control. The team are accountable for overseeing and business partnering the Pan-Finance function to ensure the finance risk profile is fully understood and appropriate controls are designed and implemented to mitigate the identified risks
The team is accountable for managing the implementation of an effective internal control over financial reporting (ICFR / UK SOX) framework in response to the changes in the UK Corporate Governance Code and to fully understand the financial reporting risks inherent across the finance function.
Group Finance Central – Risk and Control supports the BBC and its stakeholders with a risk-focussed approach to development and maintenance of its controls framework. We have a key role to play in enabling the BBC to achieve its strategic objectives by supporting performance management, governance & risk management and by driving effective decision making.
The ICFR Manager is responsible for supporting the implementation of the BBC ICFR framework and understanding of Financial Reporting risk across the organization whilst ensuring that the BBC high governance standards are met.
Key Responsibilities and Accountabilities
• Develop and support the implementation of a robust IT ICFR framework.
• Lead robust IT application workshops to support documentation of in-scope applications – and complete Application risk assessments..
• Complete thorough walkthroughs and control design effectiveness testing in relation to ITGC and ITACs and other key IT controls.
• Complete and review Operational Effectiveness testing – design appropriate test plans and evidence testing in line with audit principles.
• Support the remediation of control deficiencies through SME support for control owners.
• Support ICFR reporting – ensure reporting is accurate for all relevant forums and committees.
• Raise awareness of IT ICFR, including the requirements for each of the components of the framework, and identification of areas in need of improvement and propose mitigation measures.
• Support the annual ICFR attestation/certification process.
• Provide expert guidance and support to Finance management team on the implementation and assessment of IT controls, ensure that all internal controls are performed adequately.
• Provide ICFR subject matter expertise on IT elements of finance projects and in response to ad-hoc requests from finance and operations teams.
• Support ICFR training workshops for all key stakeholders
Knowledge, Skills, Training & Experience
• We are looking for with IT Audit (CISA) or IT Security (CISM, CISSP) qualifications.
• 5+ years relevant ICFR/SOX or Audit experience. This includes someone with demonstrable evidence of developing, implementing and monitoring IT risks and controls, presenting risk information and policy to senior and non-finance colleagues.
• Knowledge of COSO, COBIT, ITIL, NIST, ISO27001 and PRINCE 2.
• Advanced knowledge of ITGC and ITAC.
• Knowledge of key system architecture including the cloud
• Experience of evaluating SOC reports.
• Ability to see projects through to completion
• A strong business acumen with ability to translate risk concepts and identify risks.
• Excellent Communication skills
• Ability to convey risk and control technical knowledge to Senior stakeholders and non-financial stakeholders.
• Ability to identify issues and associated risks in relation to IT environments.