VP - Risk

Tri Union Tech
  • Chennai
  • Confidential
  • 10-20 years
  • 242 Views
  • 14 Sep 2015
dfdf

  • Risk Management

  • IT/ Technology - Software/ Services
Job Description

Key Responsibilities

Risk Reviews:

- Execute risk / control reviews as per plans and in consultation with the RM
- Track to closure, all actions and risks arising from the reviews
- In conjunction with Process Owners, design and propose control enhancements to RM for consideration
- Responsible to the RM as the Single Point of Contact (SPoC) for the Unit on internal and external audits
- Ensure that the affected unit are sufficiently prepared for upcoming audits
- Review and advice RM on the adequacy of management response to audit findings for the Unit
- Monitor and track progress and timely closure of audit findings
- Share thematic risk & audit findings across units.

Process Risk Analysis (PRA)
- Execute PRAs as initiated by RM, to support efforts in reviewing process and control effectiveness and risk identification
- Track to closure, all actions arising from PRAs
- In conjunction with Process Owners, design and propose control enhancements to RM for consideration

Risk Committee Meetings
- Ensure that all risk committee meetings within the unit operates within the approved Terms of Reference (ToR), including membership, agenda, frequency.etc
- Facilitation of and pack production for the unit risk committee meetings. Provide challenge to ensure robust Risk Management practice
- Submission of risk and control related details to functional risk forum within schedule and at the required quality

Management Information
- Ensure that management (and any other stakeholder as required) is kept aware of the risk, control & audit profile of the unit through periodical reporting
- Ensure that all management information is produced in line with the defined schedule and quality and should support management decision and action
- Ensure integrity of source and the processing of data to deliver accurate representation in management information

Validation of Controls: Key Control Self Assessments (KCSA) / Key Risk Indicators (KRI)
- Continuous monitoring of key controls. Validate sampling techniques, results and exceptions arising thereof
- Obtain, agree and track to closure of treatment plan from responsible parties
- Provide RM periodical view of status and progress

Issue Management (records in Phoenix)
- Investigate, document and report risk events and treatment plans on Phoenix in conjunction with with Unit Managers.
Change Management
- SPoC for the unit on any Risk, Control or Audit change initiatives from Group or Technology Governance
- Drive implementation and adoption of agreed initiatives across the unit including training, communication and awareness.
Key Relationships

- Unit Line Managers and Process Owners within and outside of the unit in the management of controls
- Peer Risk Managers / Controllers in other units in managing cross functional risks and sharing of best practices
- 2nd line (GTO Operational Risk and Risk & Control) for advice and guidance and steering with regards to group initiatives
- Group Operational Risk (GOR) for interpretation and effective implementation of its Policy and Procedures
- GTO Operational Risk functions in-country, GSSCs, WB Operations and CB Operations on relevant technology risk and controls
- Legal & Compliance for interpretation of and consultations on regulatory requirements.
- Process Governance team for process and control metrics
- Group Internal Audit and external auditors on audit and reviews.
Key Measurables

- Effectiveness of the controls and monitoring of operational risks and controls at the Unit level
- Zero overdue actions arising from PRAs, Risk Reviews, Control exceptions, audit findings..etc
- Satisfactory results on audits undertaken by Group Internal Audit, FSA, regulators and external auditors (relating to the unit)
- Timely reporting and escalation of all operational risk exposures and control failures
- Timely communication of changes to Policies, control environment and regulatory environment from Legal & Compliance and GOR.
- Monitoring and adherence to timelines on Risk & Control or Group initiatives.
- Cross team collaboration proactive engagement with stakeholders
Authorities

- Free access to Unit Head, Line Managers, peer Risk Controllers / Risk Managers and Process Governance team
- Free access to all documents and records within the purview of the Unit Head and for area of responsibility, with the exception of information governed by specific policies, e.g. Chinese Walls
- Free access to all meetings under jurisdiction
- Recommend and implement actions and solutions to mitigate operational risks and enhance compliance at the Unit level.
Experience and Skills
- At least 1 years experience in Operational Risk within technology
- At least 3 years experience in any (combination of) technology discipline
- A good understanding of controls required to manage Technology Risk
- An understanding of technology Project Lifecycle and the associated controls required through project delivery to manage and mitigate risk
- Be able to create and tailor clear and concise verbal and written communications. Fluent written and spoken English language skills
- Possess a pro-active posture and committed to continuous improvement
- Good presentation skills
- Demonstrable analytical thinking
- Data analysis and reporting skills
- A team player who enjoys working with people on all levels as well as being able to work independently and under pressure to meet tight deadlines.

The following skills are not a pre-requisites, but will be advantageous:
- Practical experience in technology audit engagement
- Experience in any other risk management discipline (Credit, Market..etc)
- Experience working in an financial institution industry
Qualifications
- Tertiary qualifications in IT, Business Administration or Commerce
- ITIL Foundation certified
- Certification in CRISC (Certified in Risk and Information Systems Control certification), Certification in CISA (Certified Information System Auditor) or any other related qualification would be beneficial
- Any Cobit related certification would be beneficial


Competencies/Skill sets for this job

Risk Review Process Risk Analysis Risk Management

Job Posted By

About Organisation

Tri Union Tech