Markus Wagner

• Manage and resolve internal & external IT audit findings, ensuring compliance and
alignment with IT systems.
• Develop and deliver enterprise-wide training & awareness to strengthen ICFR practices and
role-based responsibilities (Assessor/Reviewer/CFO/IT ICFR Coordinator).
• Oversee and refine the IT Control Set in collaboration with external auditors; drive
continuous improvement and methodology updates (Self assessments).
• Orchestrate governance, coordination, and reporting for IT Controls (ICFR) as part of the 2nd
Line of Defense, bridging IT operations and Audit/Compliance (focus on role clarity and
three-lines).
• Maintain and coordinate the assessment of ITGC controls in the SAP-based Internal Control
Monitoring (ICoM) system; ensure timely execution of control assessments, generate
management reports, and initiate issue/remediation workflows when ratings are orange.
• Advise and train stakeholders (assessors, reviewers, Single Point of Contact (SPOC)) and
ensure timely completion of Control Framework Assessment (CFA) and CIO Certification
Leters (management-level CFA roles & due dates).
• Prepare and present reports on control effectiveness & compliance status to management;
align with ICFR commitees/governing bodies.

• Improved IT risk management processes and supported rollout of international security
projects across regions.
• Conducted security reviews, assessments, and audits to evaluate compliance and identify
risks; collaborated closely with development teams and stakeholders for transparency.
• Worked with GRC automation tools (RSA Archer, ServiceNow) to support risk analysis, issue
tracking, and control lifecycle management.

• Governed ISO 27001 through internal audits and supported certification readiness.
• Advised on security tools and processes; implemented protective measures and tracked
remediation.

• Conducted IT risk assessments; led security awareness initiatives and training.
• Supported internal audits and ISO 27001 certification preparation.

• Managed backend systems for customer provisioning and lifecycle processes, including
backup and data management.

• Delivered GIS training; performed SAP account assignments; provided 1st & 2nd level
support.