Corporate Third Party Oversight - Supplier Control - Issue Management Associate
The Supplier Assurance Services (SAS) and Corporate Third Partyorganizations are part of JPMC Global Supplier Services (GSS) and Third Party Operation& Control (TPOC). The SAS team executes Supplier Control Assessments onthird party Suppliers in accordance with JPMorgan Chase (JPMC) Third PartyOversight (TPO) and Supplier Assurance Services (SAS) Standards, supporting allLines of Businesses and Corporate Functions globally, including MortgageBanking (MB), Corporate Sector Functions and Technology (CS) and Consumer &Business Banking (CBB), Corporate & Investment Bank (CIB) and AssetManagement (AM).
As part of Supplier Assurance Services (SAS) and Corporate ThirdParty Oversight (CTPO), the SAS Risk Management function has been establishedto standardize and centralize assessment quality oversight and Supplier controlissue management activities.
The SAS Risk Management > Supplier Control Issue Managementteam improves quality and standardizes the approach to Supplier Control Issue Managementglobally. The team is responsible to:
- Manage entire Supplier Control Issue lifecycle
- Identify trends and common issues to resolve and improve Assessor and Stakeholder training focus areas
- Manage Supplier Control Issue activities (open, ensure description clarity, consistency, severity justification and documentation, close) in line with approved SAS Standards and Control Execution Guide
- Partner with SAS Assessors and Stakeholders to address common Supplier Control Issue challenges
As part of the SAS Control Issue Managementgroup, your day to day responsibilities will be to execute the standardization,creation and closure of Supplier Control Issues identified as part of the SupplierControl Assessments to help ensure overall Supplier Control Assessment quality.This includes responsibility to:
- Understand all aspects of the TPO Program and lifecycle
- Understand all aspects of the SAS Program and Supplier Control Assessment lifecycle and execution
- Manage entire issue lifecycle (identification, creation, modifications, extensions, and validate closure evidence) as per SAS Standards and Control Execution Guide
- Ensure High-High severity Supplier Control Issues are escalated as required to appropriate Stakeholders and/or RCSA
- Assist to analyze common Supplier Control Issues in order to develop issue and remediation themes and propose guidance
- Partner with SAS Assessors to understand the Supplier Control Issues identified as part of the Supplier Control Assessment processes
- Assist to develop guidelines and templates in order to standardize handling of common Supplier Control Issues
- Oversee documentation of Supplier Control Issues following SAS Standards and Control Execution Guide and using appropriate tools
- Understand and ably articulate the risk to the business due to Supplier Control Issues, Action Plans and Risk Acceptances
- Ability to review Supplier Control Issue closure evidence to determine if Issue is resolved and properly substantiated
- Assist to identify opportunities for continuous process improvements designed to deliver increasing operational effectiveness and efficiency in the Supplier Control Assessment processes and Supplier Control Issue Management procedures
- Assist to identify opportunities for improving Supplier risk posture as well as JPMC's Third Party Oversight and Supplier Assurance Services Programs, including expanded monitoring, metric tracking and reporting, etc.
- Assist to develop Supplier Control Issue Management key performance indicators to track progress, along with success criteria
- Support education, best practices, awareness and communication with stakeholders, peer functions and colleagues as well as Suppliers as needed
AboutJ.P. Morgan Chase & Co:
- 2 - 3 years of experience in Risk Management, Technology Audit or Information Security Risk function
- Experience in Information Technology within a large enterprise level environment, Quality Control or Quality Assurance function is a plus
- Understanding of Supplier Technology and Operational risk
- Complete understanding of Technology and Operational control policies
- Excellent verbal communication skills
- Strong written and verbal presentation skills at the management level across various business groups
- CISSP, CISM/CISA, CRISC, ISO27001 or CompTIA Security+ certification is a plus
J.P. Morgan serves one of thelargest client franchises in the world. Our clients include corporations,institutional investors, hedge funds, governments and affluent individuals inmore than 100 countries. J.P. Morgan is part of JPMorgan Chase & Co.(NYSE: JPM), a leading global financial services firm with assets of $2.1trillion. The firm is a leader in investment banking, financial servicesfor consumers, small business and commercial banking, financial transactionprocessing, asset management, and private equity. A component of the Dow JonesIndustrial Average, JPMorgan Chase serves millions of clients and consumersunder its JPMorgan and Chase, and WaMu brands.
JPMorgan Chase & Co. offers an exceptional benefits program and ahighly competitive compensation package. JPMorgan Chase & Co. is an EqualOpportunity Employer.