• Login Name       Password       Remember me       LOGIN LOGIN    FORGOT PASSWORD
  • REGISTER

 LOGIN WITH
 
 
 
 
 EMPLOYERS
 
 
 
 
 
 NEWSLETTER
 
 
 
 
 FOLLOW US

Group IT Risk Manager – RoA IT

Job Ref
269884
Job Type
Permanent
Employer Type
Company
Date Added 15 Nov 2016
Expiry Date 13 Dec 2016
* There have been 9 applications to this job.
* This job has been viewed 3889 times.
Employer:
Standard Bank

Location:
Gauteng

Salary:
Market related

Benefits:


Role details:
Develop and maintain relationships with RoA IT stakeholders to facilitate delivery of the Group IT risk management strategy and objectives, aligned to those of the RoA IT business partner. Directly assist RoA IT business partners achieve their strategic objectives through the provision of risk management coaching, training, commercially pragmatic risk advice, support and where required direct involvement in the implementation of the Group IT Risk Framework.
The incumbent will, from time to time, also need to take on additional work in support of the Senior Manager and Executive of Group IT Risk, Governance and Compliance. The role will require the incumbent to collaborate with the embedded RoA Operational Risk, Information Risk manager(s) and the RoA risk manager in the Integrated Operational Risk function to align and coordinate risk management effort satisfying each areas objectives and to leverage their capabilities whenever
- - - - - - - - - - - - - -
Key Responsibilities

• Identify all relevant RoA risk management stakeholders (e.g. embedded risk managers, in country risk managers, in country and regional CIOs, RoA CIO, IOR risk manager, RoA GIA etc).
• Obtain clear understanding of the RoA risk management stakeholder’s objectives and share with them the Group IT risk management objectives.
• Collaborate with the RoA risk management stakeholders to ensure alignment and prioritisation of risk management activities.
• Create platforms to ensure regular, effective communication with RoA risk management stakeholders to ensure they are always informed on all Group IT Risk initiatives as well as the status of risk within their portfolios.
Provide ad-hoc consulting and commercially pragmatic risk advice to business partners.

Common understanding of IT Risk Framework

• Provide training on the Group IT Risk management framework, processes, methods and requirements to all RoA risk management stakeholders.
• Provide remote, and on-site when necessary, support to RoA business partners.

Implementation of IT Risk Management framework
• Work closely with the RoA risk management stakeholders to facilitate delivery of the following at in-country, regional and RoA level:
o Risk appetite statement and regular assessment of risk profile against appetite.
o Risk identification and analysis aligned to strategic objectives.
o Expression of the top IT risks in the Risk Cards and Top IT risk dashboards.
o Lead and lag indicators for risk drivers, risk exposures and control adequacy.
o Risk mitigation plans.
• Review and analyse the RoA IT risk register, including risk acceptances to identify interrelated risks that are independently captured, multiple risks impacting single functions, trends, MI etc.
• Analyse risk information (incidents, root cause, losses, scenarios, external events etc.) to identify potential new risks, risk trends and other useful management information.
• Research reputable agency’s (e.g. WHO, Gartner, Big 4 consulting houses etc.) IT and IT risk papers to identify new and emerging risks and trends which are relevant to Group IT and RoA IT.
Review the control environment to determine adequacy and effectiveness and work with RoA business partners to remediate where necessary.

Risk solution engineering

• Ensure clear understanding of the risk and issues relevant to the RoA business partners.
• Recommend solutions and provide risk advice for the effective treatment of identified risks.
• Research leading practice risk treatment strategies and controls for mitigating known risks to ensure sound risk advice.

Risk reporting and General requirements

• Assist in the compilation of reports to Group IT Committee, Group Manco and Group IT Risk and Compliance Committee whenever required.
• Assist in the preparation for and response to ad-hoc SARB requests, on-site visits and reporting requirements.
• Assist in the administrative management for the IT Risk Academy when required.
• Participate in the development of new and the annual review of existing risk related policies, standards and guidelines by providing input to enhance the quality and completeness of these documents.
• Establish relevant risk related metrics and management information to facilitate reporting and decision making.
• Prepare and discuss risk reports to the business partners indicating their risk profile in relation to their risk appetite and highlighting areas where urgent attention is required.

Experience required 1
Job Function: Risk Management
Job Family: Operational Risk
Years: 5-7 Years
Experience Description: Implemented operational risk framework within a large corporate environment

Experience required 2
Job Function: Information Technology
Job Family: IT Risk Management
Years: 5-7 Years
Experience Description: Implemented risk framework, preferably in an IT environment of a leading financial institution

Behavioural Competencies
Examining Information
This competency serves to aid effective problem solving and requires being effective at probing and analysing situations efficiently and accurately. This competency is important because without sufficient analysis, effective solutions become less probable. In addition, poor analysis makes it more likely that individuals become confused and anxious, bored, error prone or overwhelmed by detail, which also impacts negatively on successful problem solving.
Adopting Practical Approaches
Adopting practical solutions with an emphasis on learning by doing. This competency requires individuals to utilise common sense when required. Ultimately, this competency is important in order to ensure that organisations implement feasible solutions.
Providing Insights
This dimension is about providing insight with regards to aspects that are likely to have an impact on the organisation. It is about making it clear to others what the implications of internal and external organisational environmental factors and processes are on the competitive position of the organisation. “Providing Insights” should be done with a focus on improving the situation.

Challenging Ideas
This competency is about an individual facilitating or catalysing change in an organisation. ''Challenging Ideas'' emphasises individual behaviours associated with questioning assumptions, challenging established views and arguing personal perspectives
Establishing Rapport
This competency is about the behaviours an individual should employ in order to effectively engage people, establish positive personal contact and improve the likelihood of maintaining positive relationships. This competency is therefore about putting people at ease, making friends and helping people feel welcome
Interacting with People
This competency is about fostering relationships that benefit the organisation as well as an individual’s effectiveness and efficiency. More specifically, it includes personal networking behaviours, making contact with others and strengthening relationships.

Team Working
This competency is about working well in a team. In order to develop this competency, individuals are encouraged to acknowledge the views and contributions of others, and to involve others in decision-making.
Resolving Conflict
This competency is about effectively dealing with disagreements and conflict in the workplace. In order to demonstrate being competent at resolving conflicts in the workplace, individuals are expected to demonstrate that they are able to effectively handle angry individuals and emotionally charged situations.

Communication Skills
Competency Description: Ability to express ideas by means of clear and effective writing, in order to support professional communication internally within the Bank and externally.
ADVANCED - Mastered the concept, able to act independently, provides guidance and training to others

Risk Management
Competency Description: Demonstrates knowledge and understanding of risk management methodologies, tools, governance structures and regulatory requirements for good management of risk.
ADVANCED - Mastered the concept, able to act independently, provides guidance and training to others

Competency Label: Risk Measurement
Competency Description: The ability to define and analyse risk identification information in a quantitative and/or qualitative way.
Proficiency Level: Choose an item.

Competency Label: Risk Response strategy
Competency Description: The ability to facilitate the creation and adoption of an appropriate risk response strategy and to assign ownership for the risk response.
Proficiency Level: ADVANCED - Mastered the concept, able to act independently, provides guidance and training to others

Competency Label: Evaluating risk management effectiveness
Competency Description: The ability to determine if risk management and control measures are achieving the desired results and mitigating risks at the expected level.
Proficiency Level: ADVANCED - Mastered the concept, able to act independently, provides guidance and training to others

Competency Label: Risk Reporting
Competency Description: The ability to prepare quantitative and qualitative analysis on the risk landscape in the business including interpretation and analysis for use by business users.
Proficiency Level: ADVANCED - Mastered the concept, able to act independently, provides guidance and training to others

Leading Courageously
Competency Description: Believing in oneself, own judgement, skills and experience, and using this self-confidence to challenge others for the benefit of Standard Bank.
Proficiency Level Description: '3 Has confidence to bring conflict into the open to be resolved; Is able to confront others (peers, boss, etc.) or brings disagreement into the open with the purpose of resolving it, landing on a decision, to ensure action. Is open and honest when communicating with others (''straight talk''). Challenges popular values, decisions and opinions to ensure that actions are taken in the Bank's best interest. Takes action in defiance of corporate rules and procedures for the greater good of the business and its stakeholders. Accepts personal risks and/or consequences of failure and persist in the face of opposition or fear.

Seeking Deeper Understanding
Competency Description: Copy from Leadership Library
3 Seeks to understand/get a broad and objective external view; Extensively looks outside the Bank to understand the market, competitors, customers, etc. Takes a global/macro perspective based on objective data. May include cross-country analysis.

Purposeful Collaboration
Understands and leverages the dependencies across the organisation and the impact of own actions on the rest of the organisation to create organisation alignment for decision-making and delivery of quality outcomes.
Ensures cross-functional alignment to take action; Uses a clear, disciplined process to fearlessly work from purpose and principles to decisions. Takes decisions as a group considering the input gathered to ensure cross-functional alignment. Commits to the group decision, and owns and implements the decision

Influencing Others
Effectively and strategically influences across the organisation, based on previously established credibility and respect, as well as understanding the organisational dynamics, politics and interpersonal context.
'3 Tailors the strategic communications to the audience; Considers the thoughts, concerns, interests and personality of the audience when defining the influencing strategy. Adapts settings, words, presentation, and use of third parties or experts when attempting to influence decision makers or stakeholders. Engages the audience at an emotional level based on genuine personal conviction.



 
HOME|
INFO|