Company
ZR Consultants (ZRC) is a successful business consulting firm specialising in Governance, Risk and Controls with a track record of delivering large scale projects which include SOX Compliance (Sarbanes Oxley), Business and IT Controls Transformation (SAP4/HANA, ORACLE Fusion Control & process design), Controls rationalisation and optimisation, Internal Audits, ESG, and regulatory compliance to clients all over Europe.
Established in 2003, we have expanded rapidly over the last 6 years and have amassed a number of global Blue-Chip clients. As we continue to grow, we remain dedicated to delivering high quality, cost-effective services to our clients and expanding our global reach. To learn more please visit www.zrconsultants.co.uk
Role Overview
ZR Consultants is seeking an experienced Risk & Controls Manager to lead a structured internal controls assessment and improvement programme. The role is primarily focused on establishing a fact-based view of the current controls environment, assessing regulatory and governance alignment, and delivering a pragmatic, prioritised roadmap for remediation and improvement.
The ideal candidate will possess expertise in assessing and evaluating controls across financial, operational and technology environments, including IT General Controls (ITGCs) such as access, change management and IT operations; IT Application Controls (ITACs); End User Computing (EUCs); Information Produced by Entities (IPEs); and Segregation of Duties (SOD). They will have a proven track record assessing control maturity across key processes including P2P, R2R, Fixed Assets, Billing, Leases, Revenue and Service Charges, and evaluating critical data flows that underpin management and statutory reporting.
Crucially, you must have demonstrable experience benchmarking controls against the UK Corporate Governance Code (Provision 29), PSIAS and NAO expectations, defining maturity targets, establishing clear accountability frameworks including pragmatic RACIs across the three lines of defence, and translating assessment findings into prioritised remediation roadmaps aligned to ERP and operating model transformation.
Please note that this role will be delivered on a Hybrid schedule with some of the delivery phases required in office (London based).
Key Responsibilities
Business Controls
· Assess, evaluate and challenge the design and operating effectiveness of business risk and controls across all in-scope areas
· Define scope and materiality thresholds to prioritise assessment activity and focus on the highest-risk processes and data flows
· Produce comprehensive process documentation, including process narratives and Risk and Control matrices
· Identify and document control gaps, distinguishing design weaknesses from execution and capability issues
· Conduct Design Effectiveness Assessments (DEA) and Operational Effectiveness Testing (OET) of key business controls
· Develop and implement remediation strategies for identified business control gaps
· Track and monitor Remediation efforts and re-test to closure
IT Controls
· Assess, challenge and evaluate ITGC risk and controls across in-scope applications, databases and systems
· Knowledge of IT General Controls (ITGC) and IT Application Controls (ITAC) sufficient to engage credibly with IT teams and assess control interfaces between business and IT processes
· Review and challenge IT control documentation where it intersects with business process controls, ideally within a Microsoft Dynamics environment
· Support the identification of IT control deficiencies that have a direct impact on business process risk
Stakeholder Engagement & Change
· Operate and influence at board, CFO and C-suite level, with demonstrable experience managing complex stakeholder environments and driving consensus across competing priorities
· Plan and facilitate structured workshops to assess processes, identify control gaps and drive stakeholder alignment on findings and remediation priorities
· Deliver clear, structured presentations to boards, C-suite and senior leadership, communicating complex control findings in accessible and actionable terms
· Manage relationships with external and internal auditors, reporting clearly and consistently
· Be confident and persistent in obtaining required evidence promptly, escalating delays where necessary
General
· Apply knowledge of Internal Control Over Financial Reporting (ICFR) provisions and methodologies
· Contribute to the continuous improvement of the client's risk and control framework
· Document methodologies and assurance processes in line with UK Corporate Governance Code standards
· Stay current on relevant regulatory requirements and industry best practices
Qualifications & Skills
Required
· 8+ years of Risk & Controls, ICFR, internal controls assessment or assurance experience
· Proven experience in controls assessment, gap identification and remediation at senior level
· A working understanding of IT General Controls (ITGC) and IT Application Controls (ITAC), with the ability to identify and assess IT risks that impact business processes
· Demonstrable experience benchmarking controls against UK Corporate Governance Code (Provision 29), PSIAS or NAO standards
· Accounting qualification (ACA, ACCA, CIMA or equivalent)
· Strong knowledge of accounting, auditing, and legal and financial systems
· Proficient in Microsoft Office suite including Visio
· Available for immediate start
Preferred
· ERP transformation experience (e.g. Microsoft Dynamics, SAP S/4HANA, Oracle Fusion)
· CPA, CIA, CISA, or other relevant professional certifications
· Experience with control frameworks such as COBIT and COSO
· Experience working in public sector or regulated environments
· Knowledge of relevant UK regulatory requirements and emerging governance standards
Technical Skills
· Expertise in internal control testing methodologies including DEA and OET
· Strong analytical and problem-solving abilities
· Experience in process analysis, risk assessment, and data analysis and reporting tools
Soft Skills
· Excellent communication, presentation and stakeholder management skills, with demonstrable experience engaging at C-suite and board level
· Strong change management capability with the ability to influence without authority
· High attention to detail and strong organisational skills
· Adaptability and willingness to operate in a fast-paced, dynamic environment
Agencies, please note we are not looking for your support on this recruitment
Equal Opportunities
As a proud Ethnic Minority Owned Business, ZR Consultants is an equal opportunity employer, and we value diversity in our organisation. We welcome applications from candidates with diverse backgrounds and perspectives.
Pay: £450.00-£600.00 per day
Benefits:
- Company pension
- Referral programme
Application question(s):
- Please paste your Linkedin profile address here - thank you
- Do you have experience of delivering in the UK Public Sector?
- Do you have experience of designing controls from scratch?
- We require individuals who will be able to commence engagement in June/July. Please indicate your availability or notice period.
- Have you developed a Risk & Control Matrix from scratch?
Education:
Experience:
- Business Controls : 8 years (required)
- IT Controls: 3 years (preferred)
- ICFR: 5 years (preferred)
- ERP Transformation : 3 years (preferred)
Language:
Licence/Certification:
- accounting qualification (required)
- technical qualification (preferred)
Work authorisation:
- United Kingdom (required)
Willingness to travel:
Work Location: Hybrid remote in London W1T
