CV/Mission de Consultant sox freelance

Exemple de missions d'Abderrahim,
Consultant sox habitant les Yvelines (78)

Expérience professionnelle

2022/9 à ce jour Sr. Consultant SAP Cybersécurité – Saint Gobain, France…
Conseil en Cybersécurité SAP & Support des Auditeurs
 Conseil en Cybersécurité
 Support des Auditeurs
 Remédiation des Risques

2022/1 à 2022/10 Sr. Consultant GRC & Autorisations – KWS, Allemagne…
Concept des Autorisations TM - Transportation Management (SAP Fiori 2021 & S/4 Hana 2021)
 Analyse des besoins métiers
 Création de Catalogues, Tuiles & Groupes
 Conception et création des rôles
 Recette et gestion des tests
 Gestion des incidents

2022/1 à 2022/3 Expert GRC – Sanofi, France…
Fusion de 2 environnements SAP GRC
 Analyse des écarts
 Conseil
 Rédaction des specifications

2021/7 à 2022/6 Partner | Sr. Consultant SAP Sécurité | Consultant Avant-Vente – Xiting, Allemagne

2021/1 à 2021/8 Manager / Sr. Consultant GRC & Autorisations – Inetum, France…
Concept des Autorisations (SAP Fiori 5.0 & S/4 Hana 18.09)
 Analyse des besoins métiers
 Revue et mise à jour de la matrice des risques
 Création de Catalogues, Tuiles & Groupes
 Conception et création des rôles

2019/12 à 2020/12 GRC & Authorizations Lead – Klépierre, France…
⦁ Supporting IT & Business Audits
⦁ Supporting & testing SOX key controls
⦁ Work with the Business & Technical Teams
⦁ Monthly UAR, Audit & Remediation of 15 Business applications: SAP ECC, SAP BW, Kyriba…
⦁ Roles Design & Build
⦁ Troubleshooting

2018/9 2019/11 SAP GRC Senior Consultant – Riscomp, Switzerland

SAP GRC Access Control 10.1 – 12.0
⦁ EAM - Emergency Access Management Design & Build
⦁ ARA – Access Risk Analysis Design & Build
⦁ ARM – Access Request Management Design & Build
⦁ BRM – Business Role Management Design & Build
⦁ Access Control roles Design & Build

2019/1 to 2019/4 SAP GRC Senior Consultant / SAP Authorizations Architect – Roquette, France, Italy…

SAP GRC Access Control 10.1
⦁ EAM - Emergency Access Management Design

Authorizations Architecture
⦁ TM – Transportation Management roles Design & Build

2018/2 to 2018/8 SAP Authorizations Architect – Tarkett, France

Authorizations Architecture

⦁ Workshops leading
⦁ Stakeholders actions coordination
⦁ Business needs analysis
⦁ Authorizations Matrix (Functions, Roles, Transactions, Org. Level, Authorization Objects…) design
⦁ UAT coordination

2017/9 to 2018/1 SAP GRC & Authorizations Senior Consultant – Safran

SAP GRC Process Control 10.1
⦁ Presentation of Process Control methodology
⦁ Workshops leading
⦁ Design & Build of Master Data: Organization, Process, Subprocess, Control, Regulations & Policies
⦁ Design & Build of Data Source & Business Rule
⦁ Compensating Controls set-up in Process Control and Unit Testing
⦁ Create Job in Automated Monitoring
⦁ Job Monitoring
⦁ Key Users training on Process Control

SAP GRC Access Control 10.1
⦁ Workshops leading
⦁ EAM Emergency Access Management Design & Build
⦁ ARM Access Request Management, Workflows Design & Build
⦁ Training leading

Risk Remediation plan
⦁ Workshops leading
⦁ Role remediation
⦁ User remediation

2017/5 to 2017/8 SAP Authorizations, Governance, Risk & Compliance Architect – Bolloré T&L, France

Writing documents
⦁ Security & Authorizations Concept
⦁ Roles Naming Conventions

Access Control 10.1
⦁ Risk matrix update
⦁ Post installation of SAP Access Control 10.1
⦁ Configuration of SAP GRC Access Control

Design & Build of GRC 10.1, TM 9.4, EM 9.2, EWM 9.4, GTS 11, S/4 HANA 16.10, Fiori 2.0 project roles

2016/9 to 2017/4 SAP Authorizations, Governance, Risk & Compliance Expert – CMA CGM

GRC & Authorizations Advisory
Offshore Team Management
Design of BI/GRC Dynamic Authorization Concept
Design of BI/CRM Authorization Concept
Maintenance & Support of GRC / Authorizations (GRC 10.1, ECC 7.4, BW 7.4, CRM 7.0, SOLMAN 7.1, Fiori)

2015/12 to 2016/8 SAP Governance, Risk, Compliance Team Leader – Sanofi, France

Maintenance & Support of Access Control
Team management

Authorizations Design, Build & Go-Live (SAP Fiori)

⦁ Analysing business needs
⦁ Designing and building roles
⦁ Mass roles creation
⦁ User Acceptance Test Management
⦁ Defect management
⦁ Mass users master record build
⦁ Documentation writing
⦁ Team Management

2015/1 to 2015/11 SAP Governance, Risk, Compliance & Audit Consultant – Total, France

Authorizations Design, Build & Go-Live

⦁ Analysing business needs
⦁ Designing and building Master and Derived roles
⦁ Mass roles creation
⦁ User Acceptance Test Management
⦁ Defect management
⦁ Mass users master record build
⦁ Documentation writing

Upgrade – Access Control 10.1

⦁ Risk matrix update
⦁ Post installation of SAP Access Control 10.1
⦁ Configuration of
Access Risk Analysis
Emergency Access Management
Role Management
⦁ Test and acceptance-test management

2013/6 to 2014/12 SAP Governance, Risk, Compliance & Audit Consultant – Renault, France

Upgrade – Access Control 10

⦁ Post installation of SAP Access Control 10
⦁ Configuration of Access Risk Analysis, Workflow for Access Control, Emergency Access Management & Role Management
⦁ Build of workflows (MSMP, BRF+, decision tables, Workflow setup)
⦁ Test and acceptance-test management

2013/4 to 2013/5 SAP Governance, Risk, Compliance & Audit Consultant – Siemens, Spain

SOX Remediation

⦁ Controls review and update
⦁ Remediation & Mitigation plans proposal

2012/11 to 2013/3 SAP Governance, Risk, Compliance & Audit Consultant – French Ministry of Justice

HR LSO Authorizations Blue-Print, Design, Build & Go-Live

⦁ Analysing business needs
⦁ Enabling PD PA switch and the main Structural Authorization switches (HR)
⦁ Designing and building Master and Derived roles
⦁ User Acceptance Test Management
⦁ Defect management
⦁ Transport Management (Authorization Objet, Structural Profiles and Rôles)
⦁ Go-Live and Post Go-Live support
⦁ Documentation

2012/3 to 2012/10 SOX Auditor / SAP Application Manager – Siemens Financial Services, France

SOX audit of SAP accounting – Management of SAP application

⦁ Controls review and update
⦁ SOX reports analysis
⦁ Remediation & Mitigation plans proposal
⦁ Internal Auditors support
⦁ Change Management

2012/2 to 2012/2 SAP SOX Consultant – Renault, France

Design of SOX matrix applied to SAP HR

⦁ SOX workshops organizing
⦁ Design of SOX matrix (HR)

2011/3 to 2011/12 SAP SOX Consultant – Alcatel-Lucent, France

ApprovaOne tool implementation - SOX remediation

⦁ Design and implement SOX conflicts free roles
⦁ Design and implement compensation controls in line with business team and audit planning
⦁ Implement control procedures for SAP Authorizations team
⦁ Support the audit, provide evidences
⦁ Design and build of rules in ApprovaOne – Authorizations Insight

2010/10 to 2011/2 SAP GRC Consultant – Renault, France

SAP GRC CUP implementation - Request access workflow design

⦁ Drafting of the functional specifications document
⦁ Post installation of SAP GRC Compliant User Provisioning
⦁ Configuration of CUP
⦁ Design and build of workflows
⦁ UME management
⦁ Test and acceptance-test management
⦁ Roll-out
⦁ Post Go-Live support
⦁ Documentation

2009/09 to 2010/09 SAP HR Security & Authorizations Consultant – French Air Force

HR Authorizations Blue-Print, Design, Build & Go-Live

⦁ Enabling PD PA switch and the main Structural Authorization switches (HR)
⦁ Creating Organizational Plan
⦁ Creating Profiles
⦁ Creating Custom Authorization Objects
⦁ Designing and building Master and Derived roles
⦁ User Acceptance Test Management
⦁ Defect management
⦁ Transport Management (Authorization Objet, Structural Profiles and Rôles)
⦁ Mass users master record build (70 000)
⦁ Testing, Rehearsal and preparing for the Go-Live
⦁ Go-Live and Post Go-Live support
⦁ Documentation update

2008/11 to 2009/07 SAP Governance, Risk, Compliance & Audit Consultant – British Petroleum, UK

Migration of BW to BI (authorizations) - Rebuild of BI roles & Authorizations

⦁ Roles rationalisation
⦁ Creating Custom Analysis Authorization Object
⦁ Adding Authorization Object to roles
⦁ Building BW menu and authorization roles
⦁ Upgrade of BW 3.5 to BI 7.0
⦁ User Acceptance Test Management
⦁ Defect management
⦁ Mass users master record maintenance with Quick Test Pro 7.3
⦁ Transport Management (InfoObject, Analysis Authorization and Roles)

2008/01 to 2008/10 SAP Governance, Risk, Compliance & Audit Consultant – RTL Group, Luxembourg, Germany, UK, France & Australia

Migration of BW to BI (authorizations) - Rebuild of BI roles & Authorizations
Design & build of worldwide roles template (MM, SD, CO & FI modules)

⦁ Analysing business needs
⦁ Analysing client workflow, rules and constraints
⦁ Designing and building Master and Derived roles (by profit-center, cost-center…)
⦁ Upgrade of BW 3.5 to BI 7.0
⦁ Building BW menu and authorization roles
⦁ Making Info Object Authorization-Relevant
&...