Risk and Controls Specialist

Your function:

As Risk and controls Specialist you will review and execute the RCF controls and independently verify and challenge the effectiveness of the controls. You will also support the Australia and New Zealand region with design and implementation of risks and controls based on the Global Risk and Control Framework. You will report to the Integrated Risk Manager and be part of the wider Risk Team at APAC.

Day to day:

1. Provide the 2LOR challenge to the risk assessments performed by the 1LOR
2. Form an independent view on the effectiveness of the control

Under the direction of the Head of IRM monitors/challenges/supports the countries in the region execution of the risk assessment. All Risks associated with the controls allocated to them are completed timely with supporting justification(s) of sufficient quality to support the risk levels.

Perform any interviews investigations re-performance necessary to be able to form a view as to whether the control is effective or ineffective.

This involves verifying that:

• The local control description fulfills the requirements of the control principle
• The local control description includes the 5W1H
• Test and document control descriptions test scripts and walkthrough documentation together with the relevant control owner in the business.
• Secure that the documentation is audit proof. You will communicate the test results with the external auditor and will guide them through the documentation when applicable.

1. Gather appropriate backup documentation to substantiate the Testers view and fulfil the required sample size

Gather the required proof to substantiate the Testers review including documents reports and screen prints etc. This involves:

• Gathering proof of control effectiveness (of all potential flows)
• Gathering proof that the SoD principles are met
• Ensure the proof provided meets the EAE standard
• Ensure that correct population is used to get a proper sample selection (note the control owner should not pick the sample if possible the tester should gather the sample themselves)

1. Test controls for both design (DTR) / execution (OTR) with the frequency outlined as per the test cycle
2. Communicate the results of the findings to the 1LOR and agree the remediation timelines before the testing deadline
3. Document the results fully and upload proof to appropriate internal systems within the required timeline

All tests allocated to the Testers should be completed before the deadline set by Group Control/IRM (Delegated responsibility to monitor completion of CSAs in the countries). All tests (/DTR and OTR) are completed on time. The required documentation to back up the test result is uploaded by the deadline to the appropriate system location.

Communicate the result to the control owner. If the controls are ineffective ensure that the significance and deadline for remediation is agreed with the control owner (before they are entered into Archer). Findings created are accurate existing findings reused when appropriate and the correct significance and deadline are selected.

Prior to deadline:

• Enter the overall conclusion effective ineffective or not applicable
• Upload the Excel test template to Archer (DTR/OTR)
• Upload the proof to Archer (for DTR sample of 1 i.e. one example of the control working effectively this can be loaded to Archer)
• Upload the proof to SharePoint OTR proof of the full required SharePoint as file size may be too big to load into Archer.

1. Verify closure of findings related to controls which they tested.

When a finding created by a tester is closed by the 1LOR. The tester must verify closure by:

• Enter the overall conclusion effective ineffective or not applicable
• Ensure that the Findings Manager has uploaded proof to support the closure of the finding
• Review the proof and ensure it verifies that closure is acceptable
• Add a 2LOR closure comment outlining why they think it is acceptable to close the finding
• Click on accept closure making the finding status go to Verified by 2LOR

1. Provide support to the 1LOR in improving controls design when needed to assure controls are designed in accordance with the Global/Local policies.

Your profile:

• Tertiary qualification(s) in Business studies/Finance.
• 5 years experience working in an Equipment Finance operational/securities or similar environment.
• Previous experience with Audit ICFR (SOX) and/or independent testing including documentation is an advantage.
• Professional experience with background in Risk Compliance and/ or Finance an advantage.
• Consultative approach to internal stakeholders to encourage and sustain company-wide support for process review improvement and controls implementation.
• Internal customer focus (Risk Legal Operations) to undertake process and control testing.
• Strong influencing and analytical skills.
• Strong understanding of audit process and control requirements.
• Good written and verbal communication skills.
• Able to elicit cooperation and support from key process owners.
• Ability to work for sustained periods with minimal supervision.
• Able to develop timetables for various tasks with competing priorities and re-prioritise tasks quickly and in line with management expectations.
• Sound understanding of leasing products preferred but not essential.

Settling in:

At DLL we consider our people our biggest asset. Thats why youll be treated as a member not just an employee. Together we create an informal but professional atmosphere that is hard to find elsewhere. We also encourage members to seek out the best skills across all our offices because the more networked we are as an organization the more effective we can be at seeing more than a customer and working harder as a partner.

All members enjoy:

Two working days per year volunteering for a local charity

Flexible hours with possibility to work from home (within job scope)

Career development opportunities: online learning member development programs Company insurance package

Flexible leave purchase Influenza vaccinations

Good to know:

• The job advertisement may close before the deadline of applications if a suitable candidate is identified.
• The selection process may involve an assessment.
• Applications via email will not be reviewed. Please apply online via our career website. DLLs referral program applies.
• Internal candidates in their current role for less than 12 months are not eligible.
• For more information you can contact Indie Bayliss our Talent Acquisition Partner on

Screening is part of the application procedure and DLL screens all new employees according to the DLL Global Screening Policy in order to ascertain whether the applicant may hold a position at DLL.