Senior Manager - IT Risk Controller

Resource Access Management Solutions Pvt. Ltd. (RAMSOL)
  • Chennai
  • 10-15 lakh
  • 10-14 years
  • 29 Jan 2016

  • IT/ Information Technology

  • Banking - Retail
Job Description

Job Overview

The Risk Controller role is responsible for and has oversight over Operational Risk management, control management and audit management across the unit that has been assigned to the role. This role is key and responsible for applying the functions approach to risk identification and mitigation, control management and audit engagement within the framework set out by the relevant authorities.

This operations role ensures a constant state of preparation, readiness and continuous improvement across process, risk management and reduction, audit success, documentation, MIS systems and reporting.

Job Title - Senior Manager - Risk Controller (RC)

Job Purpose

Assist the RM in coordinating, driving and directing effective compliance with the prescribed operational risk management framework
Coordinate the implementation of effective controls to minimise / mitigate operational impact
Continuous monitoring for effectiveness and efficiency of key controls leading to effective management of Operational Risk.
Coordinate, facilitate and promote understanding and practice of Operational Risk within the Unit
Coordinate management of risk and timely resolution of issues.

Key Responsibilities

Risk Reviews

Execute risk / control reviews as per plans and in consultation with the RM
Track to closure, all actions and risks arising from the reviews
In conjunction with Process Owners, design and propose control enhancements to RM for consideration
Responsible to the RM as the Single Point of Contact (SPoC) for the Unit on internal and external audits
Ensure that the affected unit are sufficiently prepared for upcoming audits
Review and advice RM on the adequacy of management response to audit findings for the Unit
Monitor and track progress and timely closure of audit findings
Share thematic risk & audit findings across units.

Process Risk Analysis (PRA)

Execute PRAs as initiated by RM, to support efforts in reviewing process and control effectiveness and risk identification
Track to closure, all actions arising from PRAs
In conjunction with Process Owners, design and propose control enhancements to RM for consideration

Risk Committee Meetings

Ensure that all risk committee meetings within the unit operates within the approved Terms of Reference (ToR), including membership, agenda, frequency.etc
Facilitation of and pack production for the unit risk committee meetings. Provide challenge to ensure robust Risk Management practice
Submission of risk and control related details to functional risk forum within schedule and at the required quality

Management Information

Ensure that management (and any other stakeholder as required) is kept aware of the risk, control & audit profile of the unit through periodical reporting
Ensure that all management information is produced in line with the defined schedule and quality and should support management decision and action
Ensure integrity of source and the processing of data to deliver accurate representation in management information

Validation of Controls:
Key Control Self Assessments (KCSA) / Key Risk Indicators (KRI)
Continuous monitoring of key controls. Validate sampling techniques, results and exceptions arising thereof
Obtain, agree and track to closure of treatment plan from responsible parties
Provide RM periodical view of status and progress

Issue Management (records in Phoenix)
Investigate, document and report risk events and treatment plans on Phoenix in conjunction with with Unit Managers.

Change Management

SPoC for the unit on any Risk, Control or Audit change initiatives from Group or Technology Governance
Drive implementation and adoption of agreed initiatives across the unit including training, communication and awareness.

Key Relationships

Unit Line Managers and Process Owners within and outside of the unit in the management of controls
Peer Risk Managers / Controllers in other units in managing cross functional risks and sharing of best practices
2nd line (GTO Operational Risk and Risk & Control) for advice and guidance and steering with regards to group initiatives
Group Operational Risk (GOR) for interpretation and effective implementation of its Policy and Procedures
GTO Operational Risk functions in-country, GSSCs, WB Operations and CB Operations on relevant technology risk and controls
Legal & Compliance for interpretation of and consultations on regulatory requirements.
Process Governance team for process and control metrics
Group Internal Audit and external auditors on audit and reviews.

Key Measurable

Effectiveness of the controls and monitoring of operational risks and controls at the Unit level
Zero overdue actions arising from PRAs, Risk Reviews, Control exceptions, audit findings..etc
Satisfactory results on audits undertaken by Group Internal Audit, FSA, regulators and external auditors (relating to the unit)
Timely reporting and escalation of all operational risk exposures and control failures
Timely communication of changes to Policies, control environment and regulatory environment from Legal & Compliance and GOR.
Monitoring and adherence to timelines on Risk & Control or Group initiatives.
Cross team collaboration proactive engagement with stakeholders

Free access to Unit Head, Line Managers, peer Risk Controllers / Risk Managers and Process Governance team
Free access to all documents and records within the purview of the Unit Head and for area of responsibility, with the exception of information governed by specific policies, e.g. Chinese Walls
Free access to all meetings under jurisdiction
Recommend and implement actions and solutions to mitigate operational risks and enhance compliance at the Unit level.
Experience and Skills
At least 1 years experience in Operational Risk within technology
At least 3 years experience in any (combination of) technology discipline
A good understanding of controls required to manage Technology Risk
An understanding of technology Project Lifecycle and the associated controls required through project delivery to manage and mitigate risk
Be able to create and tailor clear and concise verbal and written communications. Fluent written and spoken English language skills
Possess a pro-active posture and committed to continuous improvement
Good presentation skills
Demonstrable analytical thinking
Data analysis and reporting skills
A team player who enjoys working with people on all levels as well as being able to work independently and under pressure to meet tight deadlines.

The following skills are not a pre-requisites, but will be advantageous:
Practical experience in technology audit engagement
Experience in any other risk management discipline (Credit, Market..etc)
Experience working in an financial institution industry
Tertiary qualifications in IT, Business Administration or Commerce
ITIL Foundation certified
Certification in CRISC (Certified in Risk and Information Systems Control certification), Certification in CISA (Certified Information System Auditor) or any other related qualification would be beneficial
Any Cobit related certification would be beneficial

Competencies/Skill sets for this job

It Risk Audit Governance Audits Audit Management

Job Posted By