Ana Cunha

Global Access Compliance Manager

Czechia

About

I specialize in SAP Security & Authorizations, SOX compliance, SAP GRC, and SAP S/4HANA migration projects, supporting through complex transformation initiatives while ensuring governance, risk management, and regulatory compliance. Throughout my career, I have worked in multinational environments, collaborating with cross-functional and international teams to design, implement, and optimize SAP security concepts across multiple SAP modules. My experience spans full project lifecycles—from assessment and design to implementation, testing, go-live, and post-production support.

Experience

  • Johnson & Johnson (11 yrs)
    • Global Services Risk & Compliance Manager
      Feb 2024 - Present · 2 yrs 6 mos

    • Global User Access Compliance Manager
      Nov 2017 - Present · 8 yrs 9 mos

      - Set up goals for the User Access Management Team; - Define team strategies and deliver on the Organization’s expectations for productivity and quality; - Oversee SAP Security set up changes; - Work closely with SAP Security and GRC technical teams; - Coach, mentor and develop staff; - Cooperate with Regional counter-parts and communicate regularly with other Managers and Directors; - Plan, evaluate and improve processes and take decisions in alignment with the Organization policies and procedures. - Work on the optimization of security and user access and segregation of duties processes, driving continuous improvement.

    • User Management Team Lead
      Aug 2015 - Present · 11 yrs

      - Motivate, develop and ensure strong performance within the User Management Team; - Prioritization and assignment of the team’s tasks; - Individual performance feedback sharing; - Team progress monitoring and reporting to senior level management; - Continuously identify opportunities to standardize and centralize user access and segregation of duties processes and controls; - Ensure successful internal and external audits.

  • Johnson & Johnson (3 yrs 1 mo)
    • User Management Specialist
      2012 - 2015 · 3 yrs

      - Coordinate operational user access and segregation of duties processes & controls; - Proactively identify User Access Management related risks & propose adequate and efficient corrective actions to mitigate gaps; - Ensure compliance with all Sarbanes-Oxley and all other internal control and regulatory requirements; - Provide support and compliance advice to end users and stakeholders; - Support Roll Out Plans and Go Lives.

    • Accounts Payable Reconciliation Specialist
      2012 - 2013 · 1 yr

      - Ownership of the Credit Note Recovery process together with the periodic Ageing reporting; - Periods closing in financial accounting; - Providing with hyper care activities to affiliates during Roll Outs and Go Lives.

  • Accounts Payable Internal Auditor at Johnson & Johnson
    Dec 2009 - Mar 2011 · 1 yr 4 mos

    - Invoice quality check; - SAP Reporting; - SAP Quality testing; - Accounts Payable trainer.