Compliance Analyst 19-0425
ISRP Program – Governed Documentation Alignment
- Schedule documentation updates, maintain versioning records, and coordinate approval requirements
- Align documentation across sets of controls related to multiple frameworks across our ISRP control portfolio
- Write or edit technical documentation for compliance control mapping, change controls, and reporting around industry frameworks (ISO, SOC, NIST and others)
- Critically read versions of documentation created by process owners for language, clarity, style, flow, and structure to identify areas for refinement. Provide training or counsel on effective writing
- Identify opportunities for simplification of documentation to support multiple industry frameworks (ISO, SOC, NIST and others)
- Attend meetings with leadership, functional management and for working groups developing control processes. Take minutes and track action items for working group or committee meetings
- Coordinate the annual update of data retention requirements for risk, privacy and security
- Coordinate common standards for the documentation, tracking and reporting of issue remediation actions.
Governance, Risk and Compliance Data – Change Coordination
- With compliance team framework (SME) input, schedule and maintain up to date control mapping in our GRC tool in an environment of substantial change. (We use ZenGRC.)
- Coordinate with vendor for substantive changes, such as new entities, new framework assessments, etc.
- Coordinate updates and sharing of controlled documentation with the pre-sales team for customer inquiries
- Maintain updated cross-mapping references for the ISRP control portfolio in a high-change environment
- We are looking for a compliance documentation analyst with experience working with relational database technologies in the Governance, Risk and Compliance domain (GRC Domain). Additionally, to support your understanding of the team and its priorities, knowledge and experience in risk management and IT control testing within the software development space is extremely beneficial, with cloud-based operations preferred. A desire will drive your success in this role, especially for new process, technology, compliance standards and privacy regulations.
- Experience with document management related tools (e.g., Onbase, Sharepoint, Confluence etc.).
- Experience with work flow, service ticketing and audit management tools (e.g., Jira, ServiceNow, etc.)
- Experience with audit, GRC or IRM tools is desirable (e.g., Archer RSA, ACL, ZenGRC, etc.)
- Two years of experience including creating audit or assessment reports and / or creating control-related policy and procedure documentation