Risk Controller

Tri Union Tech
  • Chennai
  • Confidential
  • 15-25 years
  • 02 Jul 2015

  • Risk Management

  • IT/ Technology - Software/ Services, Financial Services/ Capital Markets
Job Description

Job Overview

The Risk Controller role is responsible for and has oversight over Operational Risk management, control management and audit management across the unit that has been assigned to the role. This role is key and responsible for applying the function's approach to risk identification and mitigation, control management and audit engagement within the framework set out by the relevant authorities.

This operations role ensures a constant state of preparation, readiness and continuous improvement across process, risk management and reduction, audit success, documentation, MIS systems and reporting.

Job Purpose

- Assist the RM in coordinating, driving and directing effective compliance with the prescribed operational risk management framework

- Coordinate the implementation of effective controls to minimize / mitigate operational impact

- Continuous monitoring for effectiveness and efficiency of key controls leading to effective management of Operational Risk.

- Coordinate, facilitate and promote understanding and practice of Operational Risk within the Unit

- Coordinate management of risk and timely resolution of issues.

Key Responsibilities

Risk Reviews

- Execute risk / control reviews as per plans and in consultation with the RM

- Track to closure, all actions and risks arising from the reviews

- In conjunction with Process Owners, design and propose control enhancements to RM for consideration

- Responsible to the RM as the Single Point of Contact (SPoC) for the Unit on internal and external audits

- Ensure that the affected unit are sufficiently prepared for upcoming audits

- Review and advice RM on the adequacy of management response to audit findings for the Unit

- Monitor and track progress and timely closure of audit findings

- Share thematic risk & audit findings across units.

Process Risk Analysis (PRA)

- Execute PRAs as initiated by RM, to support efforts in reviewing process and control effectiveness and risk identification

- Track to closure, all actions arising from PRAs

- In conjunction with Process Owners, design and propose control enhancements to RM for consideration

Risk Committee Meetings

- Ensure that all risk committee meetings within the unit operates within the approved Terms of Reference (ToR), including membership, agenda, frequency.etc

- Facilitation of and pack production for the unit risk committee meetings. Provide challenge to ensure robust Risk Management practice

- Submission of risk and control related details to functional risk forum within schedule and at the required quality

Management Information

- Ensure that management (and any other stakeholder as required) is kept aware of the risk, control & audit profile of the unit through periodical reporting

- Ensure that all management information is produced in line with the defined schedule and quality and should support management decision and action

- Ensure integrity of source and the processing of data to deliver accurate representation in management information

Validation of Controls: Key Control Self Assessments (KCSA) / Key Risk Indicators (KRI)

- Continuous monitoring of key controls. Validate sampling techniques, results and exceptions arising thereof

- Obtain, agree and track to closure of treatment plan from responsible parties

- Provide RM periodical view of status and progress

Issue Management (records in Phoenix)

- Investigate, document and report risk events and treatment plans on Phoenix in conjunction with with Unit Managers.

Change Management

- SPoC for the unit on any Risk, Control or Audit change initiatives from Group or Technology Governance

- Drive implementation and adoption of agreed initiatives across the unit including training, communication and awareness.

Experience and Skills

- At least 1 years experience in Operational Risk within technology

- At least 3 years experience in any (combination of) technology discipline

- A good understanding of controls required to manage Technology Risk

- An understanding of technology Project Lifecycle and the associated controls required through project delivery to manage and mitigate risk

- Be able to create and tailor clear and concise verbal and written communications. Fluent written and spoken English language skills

- Possess a pro-active posture and committed to continuous improvement

- Good presentation skills

- Demonstrable analytical thinking

- Data analysis and reporting skills

- A team player who enjoys working with people on all levels as well as being able to work independently and under pressure to meet tight deadlines.

The following skills are not a pre-requisites, but will be advantageous:

- Practical experience in technology audit engagement

- Experience in any other risk management discipline (Credit, Market..etc)

- Experience working in an financial institution industry


- Tertiary qualifications in IT, Business Administration or Commerce

- ITIL Foundation certified

- Certification in CRISC (Certified in Risk and Information Systems Control certification), Certification in CISA (Certified Information System Auditor) or any other related qualification would be beneficial

- Any Cobit related certification would be beneficial

Job Posted By

About Organisation

Tri Union Tech