Responsible for leading the development, implementation, and maintenance of the organization's risk management and business continuity frameworks. This includes ensuring the timely identification, assessment, and mitigation of enterprise risks, while embedding risk awareness across the organization.
Provides advisory support to risk owners, facilitates structured reporting and escalation of risks, and ensures alignment with governance and compliance requirements.
Develop and update risk management framework, risk appetites and targets.
Establish and implement an effective process on identifying and assessing risks.
Implement risk management initiatives such as risk facilitation and other advisory activities.
Develop and implement tools, process and key risk indicators to monitor risk changes and impact.
Review on risk report received by risk owners and advise risk owners in designing risk management program.
Perform timely audit to assess risk mitigation controls to ensure adequate risk mitigation action are implemented and monitored.
Document formal and defined reporting structures for escalation of risks.
Build and embed risk awareness and culture into the organization.
Develop and drive risk awareness programs, trainings, knowledge sharing and facilitation exercises.
Organise half yearly review of risk reports with the Risk Management Working Group and Risk Management Committee.
Develop and maintain the Business Continuity Management Framework, Policy and Standard Operating Procedures.
Plan and conduct yearly business continuity test plan for all business units based on the approved plan.
Conduct yearly maintenance review of the business continuity plans and coordinate Business Impact Analysis.
Responsible for Risk Bulletin / Newsletters.
REQUIREMENTS
Bachelor's Degree in Risk Management, Accountancy, Finance, Law or related Business Administration field.
Professional Risk Management certification is an added advantage.
Minimum 5 years of relevant working experience in risk management or similar capacity.
Understanding of risk management fundamentals (ERM & BCM).
Knowledge of Enterprise Risk Management frameworks and methodologies (ISO 31000:2018 Risk Management Principles and Guidelines & ISO 22301 Business Continuity Management System).
