WHSmith North America
Job Summary
We are seeking a detail-oriented
Business Analyst
ITGC & Application Framework
to bring expertise in General Controls (ITGC) and application governance frameworks. This role is responsible for analyzing, documenting, and supporting IT processes, ensuring compliance with audit and security standards, and aligning IT applications with business and regulatory requirements. The Business Analyst will work closely with IT, audit, compliance, and business teams to evaluate risks, streamline processes, and provide recommendations for control improvements. Key Responsibilities Serve as liaison between business stakeholders, IT teams, and audit/compliance groups to define and document requirements for ITGC and application framework controls. Analyze current IT processes, identify control gaps, and propose solutions to improve governance, risk management, and compliance. Assist in developing and maintaining ITGC documentation, including process flows, risk-control matrices, and evidence collection procedures. Support internal and external audits by coordinating control testing, gathering evidence, and responding to auditor inquiries. Monitor compliance with IT policies, procedures, and regulatory frameworks (e.g., SOX, SOC, COBIT, NIST, ISO). Provide business analysis support for system enhancements, application changes, and integrations, ensuring proper governance and control requirements are incorporated. Collaborate with application owners and developers to ensure new systems or updates adhere to ITGC and governance frameworks. Document requirements for access controls, change management, data integrity, and segregation of duties. Facilitate workshops, interviews, and working sessions to gather business and compliance requirements. Assist in implementing tools and processes to automate compliance monitoring where feasible. Track and report on remediation efforts for identified ITGC deficiencies or audit findings. Contribute to continuous improvement initiatives around IT risk, compliance, and control frameworks. Qualifications Bachelors degree in Information Systems, Computer Science, Business Administration, or related field. 35+ years of experience as a Business Analyst in IT governance, ITGC, audit, or application frameworks. Strong knowledge of ITGC areas: access management, change management, operations, and computer operations. Familiarity with regulatory and industry frameworks such as SOX, SOC, COBIT, NIST, ISO 27001. Experience with enterprise applications, ERP systems, or SaaS platforms. Excellent skills in process mapping, documentation, and business analysis.
Business Analyst
ITGC & Application Framework
to bring expertise in General Controls (ITGC) and application governance frameworks. This role is responsible for analyzing, documenting, and supporting IT processes, ensuring compliance with audit and security standards, and aligning IT applications with business and regulatory requirements. The Business Analyst will work closely with IT, audit, compliance, and business teams to evaluate risks, streamline processes, and provide recommendations for control improvements. Key Responsibilities Serve as liaison between business stakeholders, IT teams, and audit/compliance groups to define and document requirements for ITGC and application framework controls. Analyze current IT processes, identify control gaps, and propose solutions to improve governance, risk management, and compliance. Assist in developing and maintaining ITGC documentation, including process flows, risk-control matrices, and evidence collection procedures. Support internal and external audits by coordinating control testing, gathering evidence, and responding to auditor inquiries. Monitor compliance with IT policies, procedures, and regulatory frameworks (e.g., SOX, SOC, COBIT, NIST, ISO). Provide business analysis support for system enhancements, application changes, and integrations, ensuring proper governance and control requirements are incorporated. Collaborate with application owners and developers to ensure new systems or updates adhere to ITGC and governance frameworks. Document requirements for access controls, change management, data integrity, and segregation of duties. Facilitate workshops, interviews, and working sessions to gather business and compliance requirements. Assist in implementing tools and processes to automate compliance monitoring where feasible. Track and report on remediation efforts for identified ITGC deficiencies or audit findings. Contribute to continuous improvement initiatives around IT risk, compliance, and control frameworks. Qualifications Bachelors degree in Information Systems, Computer Science, Business Administration, or related field. 35+ years of experience as a Business Analyst in IT governance, ITGC, audit, or application frameworks. Strong knowledge of ITGC areas: access management, change management, operations, and computer operations. Familiarity with regulatory and industry frameworks such as SOX, SOC, COBIT, NIST, ISO 27001. Experience with enterprise applications, ERP systems, or SaaS platforms. Excellent skills in process mapping, documentation, and business analysis.