Description:
At KPMG we are currently seeking Business Continuity Management (BCM) Associate Director to join our Technology Risk & Cyber Consulting practice for business resilience services of our clients. The role is responsible for leading the development, implementation, governance, and continuous improvement of Business Continuity Management (BCM) framework, policies and implementation for our clients. This role ensures operational resilience by identifying critical business functions, assessing risks, developing continuity strategies, and coordinating enterprise-wide recovery plans. The role acts as the key advisor to senior leadership of clients and internally during disruptions and oversees readiness through training, testing, and incident management.
Responsibilities:
Strategic Leadership & Governance
- Develop and maintain the enterprise-wide Business Continuity Management System (BCMS) aligned with ISO 22301 or relevant standards.
- Establish continuity policies, frameworks, and governance structures.
- Advise senior leadership on resilience strategy, emerging risks, and preparedness gaps.
- Drive BCM maturity across the organization through continuous improvement programs.
Risk Assessment & Business Impact Analysis (BIA)
- Lead the execution and periodic review of Business Impact Analysis for all business units.
- Identify critical processes, dependencies, recovery time objectives (RTO/RPO), and resilience priorities.
- Coordinate risk assessments related to operational interruptions, supply chain, technology failures, and external events.
Business Continuity Planning & Implementation
- Develop, maintain, and update Business Continuity Plans (BCP), Disaster Recovery Plans (DRP), Crisis Management Procedures and Crisis Communication Plans.
- Ensure all business units have documented and tested continuity strategies.
- Work closely with IT, Security, Facilities, HR, and Operations to align continuity plans.
- Be able to templatize BCM requirements into a tool.
Testing, Training & Awareness
- Plan and execute tabletop exercises, simulation drills, and full-scale tests.
- Ensure employee awareness and training programs are conducted regularly.
- Evaluate testing results and track remediation actions.
Crisis & Incident Management
- Serve as the incident commander or senior advisor during crises or disruptions.
- Coordinate cross-functional response teams to manage incidents effectively.
- Provide regular communication updates to executives and key stakeholders.
- Conduct post-incident reviews and ensure lessons learned are incorporated into plans.
Regulatory & Audit Compliance
- Ensure compliance with regulatory requirements and industry standards such as BNM, SC, Bursa etc., related to business continuity.
- Interface with auditors, customers, and regulators during assessments.
- Manage third-party resilience assessments and continuity risks.
Reporting & Performance Measurement
- Develop BCM performance metrics and dashboards for leadership.
- Provide regular resilience status reports, risk exposure summaries, and improvement roadmaps.
Requirements:
- Bachelor's degree in business administration, risk management, information systems management, or related field
- Master's degree preferred.
- Has at least 10-15 years of work experience in Business Continuity Management, Risk Management and Crisis Management and related fields.
- Proven track record managing enterprise BCM programs in large or complex organizations.
- Experience leading cross-functional teams during high-impact incidents.
- Preferably has at least two (2) of the following certifications:
- Certified Risk Professional from Institute of Enterprise Risk Managers (IERP)
- Certified Business Continuity Practitioner from DRI International
- Disaster Recovery Certified Expert (DRCE) from BCM Institute
- Excellent communication skills especially related to facilitation and reporting.
- Very thorough in documentation and detailed-oriented.
- Strong time management and project management skills which allow for multi-tasking while managing shifting priorities
