Menu
In as much as we take effort and due diligence to confirm the authenticity of the vacancies we post here for jobs in , at this moment, our methods are not fool proof. We urge you not to pay any money for any job offers. iHarare Jobs take no responsibility for any loss of financial value. Please be cautious!
Technology Risk Manager
Posted in I.C.T
3 years ago
Description :
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
This role can be based in Angola, Botswana, Mauritius, South Africa, Zambia or Zimbabwe.
The Role Responsibilities
Risk Management
Reporting to the Chief Information Officer, Southern Africa.
Support the Country Technology Manager's and other Technolgy & Innovation staff within the Southern Africa Cluster in the management and implementation of the Operational Risk framework and other relevant Operational Risk initiatives, including ensuring proper functioning of embedded and periodic controls.
Responsible for the timely identification, reporting and escalation of all identified Operational Risk exposures.
Assist in the identification of new business and regulatory risks and the implementation of appropriate controls to mitigate those risks.
Drive improvement in risk management processes through initiatives and sharing best practices.
To be the source of reference within the Function in facilitating the understanding of Operational Risk and compliance/regulatory requirements.
Ensuring that Cluster Technology Teams responds to all forms of end-to-end country/regional business technology risk needs, including all audit, local regulatory, compliance, DR, BCP technology component, obsolescence, virus susceptibility and security needs. This includes the coordination of penetration testing conducted by GIS or external parties for internet-based systems to comply with local regulatory requirements. Escalate material technology risks to the relevant stakeholders and fora.
Support units in identification, reporting and resolution of Information and Cyber Security related risks.
Risk & Loss Reporting / Investigation
Responsible for recording operational errors that occur within the units that result in financial losses, gains, near misses, reputational damage or danger to people or our property .Ensure that the Head of Risk and Controls and relevant BRMs are notified of any significant operational events arising due to technology failures, downtimes
Support the business in minimizing operational risks and losses, and ensure all operational losses are investigated to prevent recurrence.
Root Cause Analysis (RCA) - Assist unit heads to complete the Root Cause Analysis (RCA) report
Incident reporting, monitoring and closure.
Risk Reviews and Audits
Contribute towards achieving no failed results on all audits and reviews undertaken by Group Internal Audit, Country Audit, regulators and external auditors (and any others from time to time).
Scope and plan thematic risk / control reviews aligning with the function's key objectives, Group Internal Audit themes and key risk areas (may include suppliers where appropriate). Conduct periodic reviews on Operational Risk Controls, submit review reports and follow-up with the business for timely closure of any identified risks/issues
Responsible for tracking actions and risks arising from audits and reviews and reporting the status of these actions periodically to the appropriate governance forums.
Act as coordinator for various internal/external audits/reviews and liaise with various stakeholders to ensure timely and accurate information is provided
Review findings/key themes; assist business to achieve resolution in line with business risk appetite.
Represent the Function as the Single Point of Contact (SPoC) on internal and external audits and Subject Matter Expert (SME) on the audit working practices.
Ensure that the function (and units within) are always audit ready.
Review adequacy of management response to audit findings.
Share thematic risk & audit findings and best practices across functions and units.
Process Risk Analysis (PRA)
Initiate PRAs in consultation with stakeholders as needed to support efforts in reviewing process and control effectiveness and risk identification
Review and endorse outcomes of PRA and track material actions and risks that arise
Provide support and guidance on control design to Risk Owner and Process Owner.
Scope and plan risk / control reviews of significant new Projects/Process
Ensure appropriate governance of End User Computing Applications that are in use.
Ensure high security and protection of the Bank's, Client information & assets
Act quickly and decisively when any risk and control weakness become apparent and ensure they are addressed within an appropriate timeframe and escalated through the relevant committees.
Risk Committee/Forum Meetings
Ensure that all risk committee/forum meetings within the function operate within the approved Terms of Reference (ToR), including membership, agenda, frequency, etc.
Facilitation of and pack production for the functional risk committee/forum meetings.
Submission of risk and control related details to T&I, ICS, Operational Risk committees and forums & other risk governing committees and forums within schedule and at the required quality.
Track action points for T&I for closure.
Management Information
Ensure that management (and any other stakeholder as required) is kept aware of the risk, control & audit profile of the function through periodical reporting.
Ensure that all management information is produced in line with the defined schedule and quality and should support management decision and action.
Ensure integrity of source and the processing of data to deliver accurate representation in management information.
Validation of Controls: Key Control Self Assessments (KCSA) or Control Sample Testing (CST) / Key Risk Indicators (KRI) / Key Control Indicators
Responsible for the implementation and execution of the KCSAs/CSTs/KCIs process, sampling and testing the population of controls to ensure compliance with agreed control standards as well as facilitating the monitoring/collection of any Key Risk Indicators (KRIs).
Ensure timely assessments and submissions of T&I KCSAs/CSTs/KRIs and RRAs as applicable
Review trend analysis of exceptions and identify systemic failures.
Identify material exceptions and escalate.
Responsible for recording and maintaining (in agreement with Head of Risk and Controls) risks in the risk tracking system (EORP), in accordance with Group Operational Risk Procedures. Responsible for ensuring the quality of information being recorded as well as ensuring data accuracy, completeness and timely resolution
Regulatory & Business Conduct:
Display exemplary conduct and live by the Group's Values and Code of Conduct.
Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across T&I Southern Cluster. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
Lead the cluster to achieve the outcomes set out in the Bank's Conduct Principles: Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment.
Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Work with CTMs to ensure regulatory interactions are timely and appropriate.
Facilitate regulatory audit data submissions and returns renditions where applicable.
Periodic assessments of the obligations register to assess the adoption of regulatory circulars and escalate any gaps that are identified.
Risk Training Management
Develop and embed a risk management culture and mindset across T&I, Southern Cluster
Ensure that team members are kept abreast of changes in operational risk management structures and framework. Team members are clear on their responsibilities in relation to governance; risks and controls
Identify knowledge gaps and arrange appropriate and relevant training on Operational Risk.
Effectively communicate and implement relevant ERMF and ORF Policies and Procedures in the unit
Change Management
SPoC for the function on any Risk, Control or Audit change initiatives from Group/T&I/Ops
Drive implementation and adoption of agreed initiatives across the function including training, communication and awareness.
Review and endorse new and changed records (including treatment plans and risk ratings) as per OR Policy.
External Focus
Ensure timely communication of new/revised external regulations and internal policies.
To be the source of reference within the Unit in facilitating/promoting the understanding of compliance/regulatory requirements.
In collaboration with the AME, T&I Risk and Control lead and Country Compliance, review new/revised regulations and implement new control measures and/or develop relevant and risk-based self-assessment checks for implementation in the business.
Our Ideal Candidate:
Proven experience in a risk management, governance and reporting leadership role in either a business segment or supporting a functional CIO/CTO role.
Proven Relationship Management skills with ability to leverage on these relationships at the Regional and Country level to solve problems.
Deep knowledge of the Standard Chartered Network, joining the dots between Business and Technology Strategy and delivery in country/region.
Degree and/or relevant Certification in Technology and Risk management will be an added advantage.
Apply now to join the Bank for those with big career ambitions.
Related Jobs