Risk Management And Internal Controls Professional Experienced risk management and internal controls (RMIC) professional with deep experience implementing OMB Circular A-123, GAO Green Book/FAM, and DoD internal control guidance, leveraging eGRC/ServiceNow to produce audit-ready process and control documentation and deliver executive-level briefings. Skilled in driving DAF-wide RMIC progress through organizational change management and cross-stakeholder coordination, while consuming and consolidating large datasets to support enterprise reporting and third-party/IT control monitoring. Technical Skills Internal control framework execution: design and perform A-123/GAO Green Book/FAM/DoD PCN-aligned control work, including process/control documentation and audit-ready deliverables. Walkthroughs & gap assessment: plan, conduct, and document walkthroughs; perform Process Control Matrix (PCM) analysis to identify and document control gaps and remediation needs. Stakeholder quality & change enablement: provide technical review/standardization feedback across DAF-wide stakeholders; apply change management practices and strong technical writing to mature RMIC artifacts (policies, SOPs, agreements). Communication & Interpersonal Skills Executive communication: Develop and deliver senior-leader briefings on walkthrough results, findings, recommendations, and RMIC status. Cross-stakeholder facilitation: lead discussions and align requirements across functional/financial teams and DAF-wide/external stakeholders (e.g., IPA, service auditors, AUs, system owners, service providers) Technical writing: Produce clear, concise, audit-ready documentation (e.g., process control matrices (PCMs)) with strong attention to detail and accuracy. Expertise with Regulations and Guidance: Office of Management and Budget (OMB) Circular No. A-123: Management's Responsibility for Enterprise Risk Management and Internal Control Government Accountability Office (GAO) Green Book (GAO-14-704G): Standards for Internal Control in the Federal Government Department of Defense Instruction (DoDI) 5010.40: DoD Enterprise Risk Management and Risk Management and Internal Control (RMIC) Program Additional desired skillsets (nice to haves but not necessarily required): GAO Framework for Managing Fraud Risks (GAO-15-593SP) GAO Financial Audit Manual (FAM) (GAO-22-105895): Vol. 1 (Jun 2024) and Vol. 2 (Jun 2025) Technical Skills ServiceNow eGRC / Integrated Risk Management (IRM) administration and workflow integration (test & production), including centralized internal controls repository management. Data analytics & reporting: consolidate large, siloed RMIC datasets into enterprise-level reports, executive summaries, visualizations, and annual Statement of Assurance (SoA) deliverables. Third-party/IT controls oversight: assess service-provider controls (including SSAE 18), evaluate materiality, and monitor Complementary User Entity Controls (CUECs) impacting financial reporting. Required qualifications outside of the normal LCAT requirements (required): Active DOD Secret clearance Bachelor's degree Minimum 4 years of relevant experience