Manager: IT Governance and Risk - Centurion at Secondments

Job Advert Summary    

• To investigate, analyse and manage risk associated with IT projects, between Operational Business units and the Risk Department and to enable continuous business performance improvement of company by consolidating internal and external sources of information to support tactical and strategic decision making across all operational units.

Minimum Requirements    
Preferred Minimum Education and Experience    

• A relevant Degree or Diploma in Information Systems
• 5 years Demonstrated experience as an IT Advisory and Auditing Subject Expert

Critical Competencies    
Microsoft Office

• Advanced knowledge of risk management principles
• Knowledge / Experience of IT risk management systems / tools 
• IT Governance and Management Principles
• Business / Financial acumen

Additional Requirements    

• Extended hours as and when required.
• Travel as and when required.
• Required to work off site on occasion.
• Direct access to Executive Manager: Risk Management (Chief Risk Officer)

Duties and Responsibilities    
Key Performance Areas    
Leads IT Governance on behalf of the organisation

• Provides guidance on IT Governance
• Checks that IT Framework is fit for purpose continuously and makes recommendations for amendments to senior management when necessary.
• Monitors and makes recommendations on the technical and operational areas within IT to address structural issues when necessary.
• Monitors IT processes to ensure that they are aligned with organisational strategy.
• Monitors IT organisational structure to ensure that it is aligned with the business strategy of the Bank and recommends changes if necessary.
• Analyses available skills and competencies in conjunction with IT Head to consider the appropriateness of skills.
• Leads Data / Information Governance on behalf of the organisation
• Assess the organisations maturity level with regards to data governance and data quality
• Provides guidance on data governance.
• Checks that Data Governance Framework is fit for purpose continuously and makes recommendations for amendments to senior management when necessary.
• Monitors the management of system and business data.

Ensure all master data is accurate, reliable, and consistent.

• Leads Information Security Risk on behalf of the organisation
• Protects system by defining access privileges, control structures, and resources.
• Recognises problems by identifying abnormalities, reporting violations.
• Implements security improvements by assessing current situation; evaluating trends; anticipating requirements.
• Determines security violations and inefficiencies by conducting periodic audits.

Manages IT related internal Controls / Risks

• Advises senior management on IT related internal control issues to manage the risk.
• In instances where this is not possible, provides alternative solutions, which might include accepting the impossibility of managing all risks.
• Monitors and evaluates compliance with legislative or regulatory IT control e.g., POPI.
• Enterprise Risk Management (ERM) Accountabilities
• Assess whether all committees within company is operating effectively.
• Monitor all Risk Management Department’s projects and reports on status and any deviations that may impact on the timelines.
• Monitors project governance (IT and other) organisation wide
• IT Governance, Data Governance and Information Security Reporting
• Validate the data into the required format for producing the report.
• Generates the report utilising the information in accordance with policies and procedures.
• Makes recommendations in accordance with the information at hand.
• Submits the report for approval where necessary.
• Distributes the report to the relevant role players.
• Represents IT Risk Management as Subject Expert at various Forums
• Needs good understanding of the Bank’s strategy and provide input into IT strategy in this context.
• Provides input on the Bank’s architecture from a risk perspective.
• Advises on imminent risks relevant to the implementation of new products as part of a project team. Attends IT Steering Committee to provide input on major projects and manage risk mitigation.

Monitor Value Optimisation of IT CAPEX

• In conjunction with IT business partner analyses the business need and explores options to address the business need e.g., changing to SAP.
• Reviews business plan to motivate for implementation of this plan.
• Analyses the impact of the system post-implementation and reports on the effectiveness of the implementation to senior management.