Search by job, company or skills
IT Risk and Compliance Assistant Manager/Manager
JOB PURPOSE
All IT Risk and Compliance activities are supported through this role which would evaluate and ensure proactive and adequate management of risk and compliance with timely risk mitigation, compliance controls and compliance submissions to management with tracking of gaps until closurein Group Technology Department.
ACCOUNTABILITIES AND RESPONSIBILITIES
1. Collect information and review documentation to ensure that risk scenarios are identified and evaluated.
2. Identify legal, regulatory and contractual requirements and organizational policies and
standards related to information systems to determine their potential impact on the
business objectives.
3. Perform monthly/quarterly submissions and annual review on Bank/BNM Key Risk
Indicators (KRI), Risk Control Self Assessments (RCSA), Compliance Self Assessment
Review (CSAR), Compliance Matrix (CMAX), Cyber Resilience Maturity Assessment
(CRMA) and Management of Customer Information and Permitted Disclosures (MCIPD).
4. Coordinate submissions on Technology Risk Dashboard on monthly basis to Technology
Risk Management team and send all Risk & Compliance communications to Technology
Staff on adhoc basis.
5. Collect and validate data that measure key risk indicators (KRIs) to monitor and
communicate their status to relevant stakeholders in their decision-making process.
6. Facilitate independent risk assessments and risk management process reviews to ensure
they are performed efficiently and effectively.
7. Review all the Department's documentations related to Risk and Compliance prior to
submission to BRCM (for e.g. Master Service Agreement/ renewal Agreement/ Letter to
BNM/ Guidelines and Procedures/ Due Diligence Checklist/ Cloud Risk Assessment/
Material Risk Assessments etc) and provide advisories to IT Project Managers.
8. Timely reporting/escalation of any compliance issue/breaches to respective BRCM and submission of Lost Event Report via GCM System for IT related Priority 1 & 2 incidents.
9. Close monitoring of submission of Compliance documents reviews, surveys for BNM and PayNet queries/updates and BNM Reviews to ensure that they are done within agreed timeline.
10. Any special assignment to undertake special/ad-hoc assignments as and when directed by Head, Governance Risk & Compliance (GRC).
REQUIRED QUALIFICATIONS & PROFESSIONAL SKILLS
Qualifications:
Date Posted: 13/12/2024
Job ID: 103221061