Key Responsibilities:
1. Requirements Gathering & Analysis:
- Collaborate with business stakeholders (Risk, Compliance, Audit, Legal, IT) to gather and document functional and technical requirements for GRC systems.
- Conduct workshops, interviews, and surveys to understand business processes, risk management needs, and compliance objectives.
- Analyse and translate business needs into clear system requirements and user stories.
2. GRC System Configuration & Implementation:
- Work with technical teams to implement and configure GRC systems (e.g., SAP GRC, RSA Archer, MetricStream, or other GRC solutions).
- Ensure that GRC systems are set up to support compliance processes, risk management workflows, and audit management processes.
- Assist with system integrations, ensuring seamless data flow between GRC platforms and other enterprise systems (e.g., ERP, Veeva).
3. Process Improvement & Optimisation:
- Identify opportunities for process improvements in governance, risk, and compliance areas through GRC system enhancements.
- Propose and implement GRC system changes that streamline workflows, improve data integrity, and increase efficiency.
- Monitor system performance and recommend adjustments to improve user experience, reporting, and data analysis.
4. Documentation & Training:
- Prepare detailed documentation, including functional specifications, user guides, and system configurations.
- Conduct user training sessions and create training materials to ensure proper utilisation of GRC systems.
- Support end-users by providing guidance on how to use GRC tools for risk management, compliance tracking, and audit processes.
5. Testing & Quality Assurance:
- Develop and execute test plans for new GRC system features, configurations, and integrations.
- Perform system testing, identify defects, and work with technical teams to resolve issues.
- Ensure that GRC solutions comply with internal controls, external regulations, and security requirements.
6. Reporting & Analytics:
- Design and implement reports and dashboards to provide visibility into governance, risk, and compliance metrics.
- Ensure that GRC systems provide real-time analytics, enabling stakeholders to monitor risks, compliance status, and audit findings.
- Assist in the creation of risk assessments, compliance reports, and other documentation required for executive reporting.
7. Support & Maintenance:
- Provide ongoing support for the GRC systems, troubleshoot issues, and ensure the systems are operating effectively.
- Manage system updates, upgrades, and patches to ensure the GRC tools are up-to-date and in compliance with relevant regulations.
- Serve as a liaison between business users and IT for resolving system issues.
Minimum Requirements:
Experience:
- Bachelor’s degree in Business Administration, Information Systems, Computer Science, or a related field.
- 3+ years of experience as a Business Analyst with a focus on GRC systems (SAP GRC, RSA Archer, MetricStream, etc.).
- Proven experience in requirements gathering, system configuration, and implementation of GRC platforms.
- Strong understanding of Governance, Risk, and Compliance processes and frameworks.
Technical Skills:
- Experience with GRC solutions (e.g., SAP GRC, RSA Archer, MetricStream).
- Strong knowledge of business process modelling, workflows, and documentation.
- Familiarity with data integration, reporting tools (e.g., Power BI, Tableau), and database querying (e.g., SQL).
- Comfortable with system testing, including creating test cases and executing user acceptance testing (UAT).
Communication Skills:
- Strong written and verbal communication skills.
- Ability to translate complex technical concepts into business-friendly language.
- Experience in preparing training materials and delivering training sessions.
Problem-Solving & Analytical Skills:
- Strong analytical and problem-solving abilities.
- Ability to identify system inefficiencies and suggest improvements.
- Attention to detail and ability to analyse data for risk and compliance reporting.
Desirable:
- Certified Business Analysis Professional (CBAP) or Certified Scrum Master (CSM).
- Certified in Risk and Information Systems Control (CRISC) or Certified Information Systems Auditor (CISA).
Experience with Regulatory Standards:
- Knowledge of SOX (Sarbanes-Oxley), GDPR, ISO 27001, or other relevant regulatory frameworks.
- Familiarity with internal controls and audit methodologies.
Experience in Agile/Scrum Environments:
- Experience working in Agile or Scrum environments for software development and implementation.
Desired Skills:
- GRC Solutions
- Data Integration
- Reporting Tools
- Power BI
- Tableau
- SAP GRC
- RSA Archer
- MetricStream
- GRC Systems