Risk, Compliance, and Assurance Lead

Date: June 09, 2025

   Ref. No: HEIN/HO/3280577/25

Vacancy Announcement

Position Title: Risk, Compliance, and Assurance Lead

Locations: Head Office

Job Grade: 15

Application Closing Date: June 22, 2025

Job Purpose:

The Risk, Compliance, & Assurance lead supports the P&CI Manager in running the P&CI Function.  Risk, Compliance, & Assurance lead is one of the trusted partners of P&CI. P&CI is a trusted partner for Local Management and Functions in achieving business objectives, driving, and implementing improvements in the organization’s processes, and strengthening the internal control environment. The P&CI function is the custodian of the HEINEKEN Internal Control Framework and the HEINEKEN Continuous Process Improvement (CPI) Framework in HEINEKEN Ethiopia.

The core activities of the Risk, Compliance, and Assurance lead are to support and advise the P&CI Manager, Local Management, and Functions in the following areas: 1) Controls Monitoring and 2) Process & Control Management 3. Continuous Process Improvement (CPI), these activities are driving the continuous improvement, monitoring/testing, design, and implementation of processes and controls. Additional areas include 4) Risk Management, 5) Compliance, 6) Fraud Management, and 7) The Risk, Compliance, and Assurance lead assists the P&CI Manager in coordinating the Lines of Defense activities (including Global Audit and External Audit).

Key Responsibilities

2.1 Control Monitoring  

• Monitor and test control effectiveness and drive the implementation of remediating actions.
• Deploy, Test, and Follow up Internal Control over Financial Reporting (ICFR) Controls
  • Complete ICFR Master File - Tab 1.0 to 4.0 Scope + Results
  • Complete ICFR Control Tests, Test Scripts - ToD & ToE steps (jointly with the Hub)
  • Upload – ICFR Control Tests
  • Complete & Upload – Self-Assessment Tests
  • Prepare ICFR Review Meeting Deck (Final) with Hub.
• Drive and follow up and report ICFR/Key control dashboard.
  • Particularly, work together with Control Performers to support the design and documentation (ICFR/Key control dashboard and controls documentation) of business processes by the Business, P&CI develop and roll out a global methodology for business process design and management. This ensures process management is carried out consistently across the OpCo to strengthen the control environment.
  • Validate and Report Monthly Key controls performed to the FD and MD.
  • Lead by guiding and providing existing methodologies like RACM and is aligned to HEINEKEN’s global policies and procedures. Local P&CI in conjunction with local and functional management is responsible for putting the methodology into practice.

and management methodology and RACM.

• Drive and Follow up SoD and ACM
  • Report: Monthly ACM progress report prepared & communicated
  • Remediation: facilitate/drive remediation activities; in line with an agreed plan
  • Mitigation: facilitate/drive mitigation activities; in line with an agreed plan
• Ensures as part of the P&CI function that the effectiveness of controls is monitored and/or frequently tested.
• Putting appropriate actions in place (agreed with Management). Tracks and monitors the progress of remediating activities.
  • Take the lead in follow-up and coordination to clear Global Audit findings.
  • Follow up on open issues and findings of HeiRule in Bwise
  • Push for action to make sure they are monitored and addressed before the deadlines stipulated per BWise.
  • Communicate with the Global office to close issues on Bwise.
  • Respond to any questions and assistance requested by the Global office related to the HeiRule issue.
  • Properly follow/attend HeiRule training and advice provided by the Global office and make it applicable.
  • Prepare monthly Bwise reports to the management.
• Improve the number of ineffective Internal Control Over Financial Reporting (ICFR) in line with an agreed plan.
  • Support the control owners in improving and mitigating ineffective ICFR controls.

2.2 Process & Control Management

• Working closely with the P&CI manager to ensure business processes and controls are appropriately designed, constructed, implemented, and maintained; and support the P&CI Manager in ensuring business processes, controls, and standards are effectively designed, constructed, implemented, and maintained.
• Drives jointly with Local Management the design and documentation of business processes and controls, applying the global process design and management methodology and HEINEKEN Enterprise Process Model (HEPM)
• Assesses the embedment of controls in the design of processes, including Process Performance Indicators (PPI) and Key Performance Indicators (KPI) defined by the Business.
• Verifies that PPIs and KPIs are monitored on an ongoing basis to identify any risks or opportunities for improvements (processes & controls)
• Identifies and reports any process activities that deviate from the global standard by Local Management to the P&CI Manager
• As RACM – a set of controls covering financial and operational risks P&CI Specialist are required to work together with Control Performers in designing and documentation of RACM controls in considering the following design principles:

• • • Purpose of the control and its relation to the risk
    • Adequacy of the control considering the risk
    • Competence and Authority of the person(s) performing the control.
    • Frequency with which the control is performed.
    • Level of aggregation of the control
    • Criteria for investigation (i.e., threshold) and for Follow-up
    • Dependency on other control(s) or information
    • Select controls relevant to Heineken Ethiopia and the Purpose of the control and its relation to the risk.
  • Check and validate the adequacy of the control considering the risk.
  • Prioritize controls based on OpCo’s needs.
  • Design controls for selected controls based on priority to Global Process designs.
  • Implement controls as a standardized process in all sites and
  • Follow up on implementations.
• Implement RACM changes and assess the impact on the ICFR control environment, to ensure the RACM (changes) is cascaded to the relevant processes/control owners and control performers within Heineken Ethiopia
• Review and facilitate the control deployment where needed as the HEINEKEN RACM scope covers both operational and financial reporting risk and controls. A selection of controls in the RACM is marked as relevant to Internal Controls over Financial Reporting (ICFR). Control work instructions and test scripts for each control are developed where needed to facilitate this review and deployment.

2. 3. Continuous Process Improvement (CPI).

• Provide direct support to the Head P&CI to embed a process improvement culture, drive process and control improvement, and realize benefits.

• Drive a culture of continuous improvement, benchmarking, and innovation.
• Build process improvement capabilities through training and people development.
• Challenge existing processes to identify improvement opportunities using benchmarks and external best practices.
• Quantify financial benefits and costs associated with improvement ideas. Analyze the impact of changes on processes and ways of working.
• Implement process improvements and inform Local Management about the progress regularly. Ensure that the global process improvement methodology (Lean / Six Sigma) is applied.
• Evaluate the success of the improvement projects and the benefits realized.

2. 3. Risk Management

• Provide direct support to the Head P&CI to lead the process of Risk Identification, Assessment, and Response and monitor existing and emerging risks.

• Drive the implementation of a comprehensive Risk Management (RM) framework.
• Identify relevant risks for the business. Analyses, measures, and evaluates risks.
• Conduct Risk Assessment by running risk workshops with the Business, ensure relevant risk templates and documentation are used, and drive the creation of risk responses. This also includes new and emerging risks.
• Develop specific action plans to mitigate, accept, or transfer risk and monitor progress on an ongoing basis and report to Hub.

2. 3. Fraud Management

• Provide direct support to the Head P&CI to improve fraud prevention and detection and support fraud investigation when required.
• Drive fraud prevention and detection through identifying fraud risks and addressing them through strong process and control design and testing.
• Discuss and support incident assessment, following the Anti-Fraud procedure (P&CI may be requested on an exceptional basis to investigate specific fraud incidents that are related to business process controls).
• Support fraud investigation when requested by Local Management, Global Legal Affairs or Global Audit.

2. 3. Compliance Management:

• Provide direct support to the Head P&CI to provide assurance that processes and controls are designed, implemented, and operating in line with the relevant policies, procedures, and HEINEKEN Rules.

• P&CI is informed about policy changes and assesses the impact on existing control frameworks. Provide advice, support, and challenges during the implementation of policies (global & local).
• Register, track, and log policies & procedures. This includes the review and challenge of the self-assessment activities.
• If requested, provide advice, support, and challenge to the design of policies (global & local).

2. 3. Assurance Activities

• Provide direct support to the Head P&CI to support Global and External Audit to efficiently plan and execute audits and to drive closure of audit findings.

• Plan, lead, and execute internal audits to evaluate the risks and the established controls in all business processes in Nigerian Breweries Plc.
• Work with Global Audit to ensure a consistent and efficient audit plan is adopted.
• Support and/or execution of audits in global audits (inside or outside of the OpCo) at the request of the Audit Committee, via Global Audit.
• Support the audit by providing information or specialist input where required (Local P&CI team members may perform control testing or other audit activities on behalf of Global Audit when agreed with OpCo FD/FM).
• Define and execute remediation plans (in agreement with Management). Track and monitor the progress of remediating activities.
• Work closely with external auditors concerning the Financial Controls Audit to enable reliance on the work of internal audit, thus driving reductions in the overall audit fees.

People and Personal Development

• Ensure effective Performance Management through the creation of a Personal Development Plan: working on the development targets formulated in the Personal Development Plan throughout the year to improve the competencies and skills of the P&CI Analysts & Assistants.
• Regularly review and align relationships with other Lines of Defense.
• Identify requirements and build key knowledge in line with functional competencies.
• Set realistic stretching targets and monitor the performance of P&CI Specialists/Analysts. Provide regular feedback, not limited to mid- and end-year appraisals.
• Create, develop, and foster strong and professional relationships with business partners.
• Promote teamwork, knowledge sharing.

Job Requirements

Education

• Bachelor's degree, preferably in Finance, Accounting, or Project Management

Experience and skills required

• 3-5 years in Risk management, Compliance, and assurance activities
• Preferably an experienced Business user
• Standard application software skills
• Navision experience is preferred.

Please note the below:

• It is essential that applicants discuss with their line managers before applying            
• Interested applicants should send their application to the link sent on the email
• Applications sent after the closing date will not be considered
• This is a local position for Heineken Ethiopia OpCo

FEMALE APPLICANTS ARE HIGHLY ENCOURAGED TO APPLY!