JOB SUMMARY
Responsible for supporting IT governance and ISMS activities through policy and documentation
management, governance coordination, reporting, audit and compliance support, risk assessment
coordination, procurement and vendor coordination, awareness activities, and stakeholder follow-up. The role helps maintain accurate records, evidence, registers, trackers, risk information, and approved documentation to support effective governance practices, certification readiness, management reporting, and continual improvement across the organisation.
KEY DUTIES AND RESPONSIBILITIES
a) IT Governance, ISMS Documentation and Policy Management
- Support the development, review, maintenance, and communication of IT governance and ISMS-related frameworks, policies, standards, guidelines, procedures, and related documentation.
- Coordinate policy and ISMS documentation review activities, including arranging review sessions, circulating drafts, consolidating comments, and following up on stakeholder feedback.
- Maintain IT governance and ISMS documentation records, including policy registers, document owners, review dates, version history, approval status, templates, evidence, and repositories.
b) Process Documentation and Governance Improvement
- Assist in documenting and improving IT processes, workflows, procedures, work instructions, and governance practices based on input from process owners and stakeholders.
- Monitor and support the implementation of approved IT policies, procedures, governance requirements, compliance status, KPIs, service indicators, issues, and agreed action plans.
c) Tracking, Reporting and Management Support
- Track action items, audit follow-ups, management requests, section deliverables, governance issues, decisions, and resolution status for reporting and monitoring purposes.
- Prepare working-level governance reports, status updates, meeting summaries, basic dashboards, presentation packs, minutes, action records, and management reporting inputs.
d) Planning, ISMS, Audit and Compliance Coordination
- Assist in the preparation, coordination, and monitoring of IT plans, budgets, governance related submissions, ISMS activities, audits, reviews, assessments, and required supporting evidence.
- Support ISMS governance activities, including certification maintenance, internal and external audit preparation, evidence compilation, non-conformance follow-up, corrective action tracking, and continual improvement monitoring.
- Support the coordination of information security and cybersecurity risk assessments from an ISMS and governance perspective, including arranging assessment sessions, compiling inputs, maintaining risk registers, tracking treatment actions, and following up with action owners.
e) Procurement and Vendor Coordination
- Perform IT governance procurement activities, including preparing scope of work, discussing requirements with vendors, issuing purchase requisitions, compiling supporting documents, coordinating approvals, tracking procurement progress, monitoring vendor performance, maintaining procurement records, and following up on vendor payment matters in accordance with internal requirements.
f) Meeting Secretariat and Stakeholder Coordination
- Provide secretariat and coordination support for IT governance meetings, working groups, and policy-related activities, including meeting logistics and action item follow-up.
- Assist in identifying communication, briefing, awareness, and continuous improvement needs relating to IT governance, policies, procedures, documentation, templates, and reporting practices.
g) Awareness and Communication Support
- Support IT governance, ISMS, and policy awareness activities, including preparation of communication materials, briefing coordination, stakeholder reminders, participation tracking, and maintenance of awareness records and evidence.
h) Other Assigned Tasks
- Perform any other tasks as assigned by the immediate superior or Management.
PERSON SPECIFICATION
Minimum Qualifications
- Bachelor's degree or equivalent experience
- Bachelor's degree in information technology, Information Systems, Computer Science, Governance, Risk and Compliance, or a related discipline; or equivalent professional qualification and relevant working experience.
- Minimum 4 to 6 years experience in IT governance, ISMS, audit, compliance, policy management, risk management, process improvement, or related governance and assurance functions. Experience in an IT function is an advantage but not mandatory.
Knowledge, Skills & Abilities
- Understanding of IT governance principles, policy management, organisational procedures, and related governance documentation requirements.
- Understanding of Information Security Management System requirements from a governance, policy, documentation, certification support, audit evidence, and continual improvement perspective.
- Awareness of audit preparation, compliance tracking, records management, evidence compilation, and follow-up requirements.
- Basic understanding of IT procurement, budgeting, purchase requisition, vendor coordination, payment follow up, and internal approval processes.
- Understanding of how to communicate clearly, coordinate with stakeholders, and work collaboratively across different levels and functions.
- Good written communication skills, including the ability to draft and update policies, procedures, reports, minutes, action records, and governance documentation.
- Good verbal communication, listening, stakeholder coordination, and follow-up skills.
- Ability to support ISMS governance activities, including document control, audit preparation, evidence compilation, non-conformance follow-up, and certification maintenance support.
- Ability to maintain accurate records, registers, trackers, repositories, templates, and supporting evidence with strong attention to detail.
- Ability to prepare governance reports, basic dashboards, status updates, presentation materials, meeting minutes, and action item records.
- Ability to coordinate IT governance procurement activities, including scope of work preparation, vendor discussions, purchase requisitions, vendor performance tracking, and payment follow-up.
- Ability to use Microsoft Office applications and prepare simple process flows or diagrams using Visio or similar tools.
- Ability to work with technical IT teams, internal stakeholders, vendors, procurement, finance, and relevant business functions.
- Ability to manage multiple tasks, meet deadlines, support problem resolution, and work independently with guidance.