AbbVie

Director, IT Compliance

Employer
AbbVie
Location
Lake County, IL, US
Posted
Dec 04, 2018
Ref
1806372
Required Education
Bachelors Degree
Position Type
Full time
The Director of IT Compliance Services is a critical leadership role accountable for developing and implementing AbbVie's IT compliance strategy in collaboration with Information Security, Quality and business compliance leadership.

This position will be responsible for:
  • Defining and Executing the IT Compliance Strategy
  • Establishing a Regulatory Intelligence Program for IT Compliance
  • Defining, Launching and Operating IT compliance services for the organization
  • Defining and Executing a Sustainable Training & Audit Readiness Program
  • Partnering & Influencing Key AbbVie Organizations


Primary Responsibilities Include:

Define and Execute the IT Compliance Strategy
  • Understand the corporation's vision, goals, and ITO's strategies.
  • Develop the IT Compliance Strategy, Roadmap and Organizational design to ensure IT compliance with new and upcoming regulations. Scope includes: SOX, Safe Harbor, HIPAA, PCI, Data Integrity, Commercial/ Ad Promo rules, Product Device Software applications, Infrastructure change control, Security controls, etc.
  • Define Best in Industry IT Policies to remain in compliance with regulations while implementing a risk-based approach for an agile BioPharma company.
  • Establish an IT Management Review to include IT Compliance KPIs for internal AbbVie and with Key IT Partners (e.g. HP, Unisys, EMC).
  • Define, launch and operate IT Compliance services. Develop value-based criteria and thresholds to migrate current IT Compliance activities to incorporate IT services concepts - establish IT Compliance Service Catalogue which may include services such as:
    • Compliance Lifecycle Services
    • Assessment Services
    • Strategic Planning Services
    • Advisory Services
  • Develop a continuous improvement program focused on business value, process optimization, cost avoidance, cost reductions and IT "Speed to Market"


Establish a Regulatory Intelligence Program for IT Compliance

Define a Holistic Global Program around Regulatory Intelligence focused on IT Compliance
  • Track, trend and share industry updates involving IT systems and practices. Evaluate AbbVie's compliance and develop and track plans to remediate.
  • Develop a communication plan to disseminate key guidance, rules and standards to the organization for IT Practitioners to understand and implement.
  • Best in Class Benchmarking with industry peers to establish requirements for compliance while supporting innovation and improved agility and IT "Time to Market"


Define and Execute a Sustainable Training & Audit Readiness Program
  • Establish an IT Compliance Training Plan to include principles on:
    • Applicable Laws, Regulations, and Definitions
    • Global Regulatory Agencies overview
    • Warning Letters and Statements of Non-conformance
    • Commercial & Ad Promo Rules
    • Internal IT Audit Process
    • Share audit findings and lessons learned across IT for continuous improvement
    • Compliance importance and impact to our patients
  • Develop business ready tools to facilitate and simplify IT compliance.
    • Prepare and establish guidelines and toolkits as Audit "Defense" packages for enterprise IT systems, infrastructure, security, plant and affiliate Audit Support
    • Establish tools and techniques for IT practitioners to translate requirements/policies/ procedures into easy to follow checklists for implementation, tailored to ITOs with a risk-based approach
    • Develop tools to track, remind and document compliance evidence for compliance areas
  • Establish a program to request and support Mock Audits around new IT systems and requirements


Partner & Influence Key AbbVie Organizations

Build and maintain productive relationships with all levels in the AbbVie IT organization, business functions, and with external partners to support business strategies:
  • Align with SQA organizations to support effective communications and define common standards across ITOs and VRBs
  • Communicate to and receive strategic direction from IT Senior Staff
  • Guide and lead strategy and goals for the IT Compliance Managers

Manage Human Resource Strategy for the team
  • Design, implement and manage the human resource strategy for the team, including succession planning, career path progression planning, leadership development, skill benchmarking, and resource prioritization and optimization for 15+/- colleague staff and a third-party service workforce
  • Recruit, select and retain colleague staff including the long term development of organizational capabilities and capacity to match business demands and workloads
  • Organize, prioritize and manage work assignments for the team, including third-party service providers

Track Financial Performance
  • Define service cost for meaningful unit of measure and calculate impact of service on AbbVie's Profit & Loss
  • Secure appropriate service financing in conjunction with other Service Managers or relevant IT leadership
  • Lead annual budgeting process for all applicable cost centers
  • Manage and track financial performance of the service at or below relevant value benchmark


Basic:
  • Bachelors degree. MS/MBA preferred.
  • 15+ years of overall IT experience, including 5+ years focus on Compliance and Regulated Processes
  • Expertise in, ISO standards, Software Development Lifecycle (SLC) processes, IT Validation practices, SQA practices, and SOX, HIPAA, PCI, etc. regulations around IT systems
  • Ability to travel globally.


Preferred:
  • Ability to consistently apply a service oriented approach to IT compliance while working with various stakeholders, develop updated service processes and technology elements that are easy transition to operation
  • Ability to identify and prioritize continual improvement opportunities, including developing improvement approach alternatives, opportunity cost and estimates of net benefit impact
  • Ability to develop business focused balanced scorecards that articulate IT compliance level, service quality and cost

Equal Opportunity Employer Minorities/Women/Veterans/Disabled