Deel deze baan

Internal Control Expert Security and System Access

Datum: 15-jan-2022

Plaats: Amsterdam, NL

Bedrijf: AkzoNobel

We zijn al meer dan 200 jaar pionier in een wereld vol mogelijkheden voor perfecte afwerkingen. De kans is groot dat onze producten altijd dicht in de buurt zijn. We zijn er trots op dat klanten van over de hele wereld vertrouwen op onze eersteklas merken en producten, waaronder Flexa, Sikkens, Dulux, International en Interpon. We zijn actief in meer dan 150 landen en willen wereldwijd leider in onze industrie worden, als meest duurzame verfbedrijf dat al ruim twee eeuwen kleur geeft aan de toekomst.


Purpose of the job

The In Control statement and the Risk Management paragraph in AkzoNobel’s annual report are required by the Dutch Corporate Governance Code.

The AkzoNobel Risk and Internal Control (RIC) function drives, develops, maintains and supports Enterprise Risk Management and Internal Control within AkzoNobel NV and its operating and corporate staff units worldwide:
• to ensure that the Risk Management and Internal Control policies and frameworks, guidelines and standards are fully implemented in the organization, with a companywide and consistent approach,
• to provide reasonable assurance that risks and control related to the overall business objectives are identified, assessed and appropriate decisions and actions are taken.

Ultimately providing a platform where current and future business objectives can be achieved and the obligations to stakeholders, shareholders, employees and society can be met. Resulting in uniform and consistent risk and internal control reporting within the organization and to its stakeholders.

The RIC function consists of 4 pillars, all represented in the RIC management team:
(1) Enterprise Risk Management
(2) Internal Control Framework Design,
(3) Technology & preventive controls
(4) Monitoring & Business Partnering

As a Center of Expertise, with a pool of high-profile experts, the RIC team offers subject matter advice, policies and tools to successfully support our businesses and their employees. The Internal Control CoE supports the business change agenda with specialist knowledge and advice in risk management, fraud prevention, internal control, authorization & automation and continuous improvement.

The Technology & preventive controls team drives companywide the authorization standards, drives control automaton and application controls, provides guidance, manages support tools and documents to help manage financial and business processes across the company.

The Internal Control Expert Security and System Access sets and maintains companywide standards and adequate and effective operating controls for system access and application controls within the AkzoNobel control concept in all relevant technical applications under general supervision of the Internal Control Technology & Preventive Control Lead. The Internal Control Expert Security and System Access is part of the Corporate Internal Control network.

This function combines Risk Management and Internal Control and specific technical (SAP) expertise. The activities consist amongst others of improving control solutions in our systems. The role also implies initiating control solutions as mitigation to commonly and frequently reported control deficiencies. The function plays a dominant role in the ongoing initiative to enhance AkzoNobel’s automated control landscape to enhance reliability and business process performance while reducing the cost of control.



Key responsibilities

• Develop and maintain the AkzoNobel Golden Rules Sets for application & automated controls
• Perform impact assessments on changes in the IT landscape, on new and changed application and automated controls; define implementation plan;
• Coordinate the annual assessment to monitor adherence to the Golden Rules Set and report to stakeholders;
• Is risk approver in GRC Compliant Access process;
• Propose, approve and communicate standard mitigating controls and control solutions; monitor follow-up of request for change (RFC);
• Manage the Data Analytics approach within the Internal Control organization, develops and maintains data mining queries;
• Ensures compliance with Internal Control standards with regards to application and automated controls in tooling related projects;
• Ensure proper progress reporting of control deficiencies. Guide, support and train the Internal Control managers in evaluation of the reported internal control deficiencies;
• Act as liaison person for Internal Control on the implementation of standard automated controls whereby the focus is on increasing the usage of automated controls in our (ERP) systems;
• Gathering support and convincing business to implement adequate automated controls and balancing the cost of control and the risk level;
• Constantly creating and improving awareness within the BU for balancing risk and control;
• Develop and maintain a strong functional relationship with the GPO’s, IM, controllers and Internal Control managers;
• Primary contact for internal and external auditors regarding observations related to application and automated controls in SAP and other systems.





What do you bring?

Essential educational qualifications, relevant experience and requested skills.

• Academic (Master) working and thinking level.
• At least 10 years of experience in Information Management environment directly related to SAP access and process/application controls.
• Preferably has worked in the area of Governance, Risk and Compliance.

Management/general skills:
• Demonstrated high level of integrity.
• Pro-active attitude and a dose of guts.
• Result oriented and customer-oriented approach.
• A team player who can also to work independently with a problem-solving attitude.
• Ability to distinguish between essential and non-essential and prioritize activities.
• Strong influencing skills in order to generate change without authority
• Professional communication and consulting skills in English, in writing and verbal, and the ability to work in different cultures, convincing throughout the organization.
• Willingness to travel.

Functional competences:
• Profound expertise level in IT related skills (SAP application controls and authorization, SAP GRC, general ITC).
• Knowledge and experience with end-to-end business processes internal control and risk management.
• Willingness to further develop knowledge and experience in other relevant systems.
• Highly developed analytical and organizational skills.
• Ability to recognize conditions warranting attention and develop practical solutions.
• Familiar with COSO framework.
• Experienced user of MS Office Excel.

Become part of an outstanding company

AkzoNobel is consistently rated as one of the top employers in The Netherlands. You will join a company that is committed to achieving real sustainability. At a personal level you will also benefit from:
• a competitive salary with an above average number of annual holidays;
• participation in the AkzoNobel pension plan;
• travel expenses to and from work
• opportunities for education that will help you to grow beyond this role

More information and how to apply

We welcome your online application via Only online applications including resume and cover letter will be considered. If applicable,it is essential that you have a visa that allows you to work in the Netherlands. If you have any questions, please contact Tim Laan, Talent Acquisition Partner, +31 880 030 731, option 2. Or send an email to


Alle gekwalificeerde sollicitanten zullen worden overwogen voor de functie zonder rekening te houden met hun ras, huidskleur, handicap, geslacht, geslachtsidentiteit, burgerlijke staat, nationaliteit, etnische afkomst, geloofsovertuiging, leeftijd of seksuele geaardheid.

Requisition ID: 17805