Develop, review, and update the enterprise risk management framework, including risk appetite statements and risk targets, to support organisational objectives.
Establish, implement, and maintain structured processes for risk identification, assessment, monitoring, and reporting across the organisation.
Implement risk management initiatives, including risk facilitation sessions and advisory activities, to support effective risk ownership and mitigation.
Develop and implement risk management tools, processes, and key risk indicators (KRIs) to monitor changes in risk exposure and impact.
Review risk reports submitted by risk owners and provide guidance on the design and enhancement of risk management and mitigation programmes.
Perform timely reviews and audits of risk mitigation controls to ensure adequacy, effectiveness, and ongoing monitoring of risk treatment actions.
Establish and document formal risk reporting and escalation structures to ensure clear communication of key risks to management and governance bodies.
Build and embed a strong risk awareness culture by developing and driving risk awareness programmes, training sessions, knowledge sharing, and facilitation activities.
Organise and facilitate half-yearly risk reviews with the Risk Management Working Group and Risk Management Committee, including preparation of relevant reports and materials.
Develop, maintain, and oversee the Business Continuity Management (BCM) framework, policies, and procedures, including coordinating business continuity testing, annual plan reviews, Business Impact Analysis (BIA), and preparation of risk bulletins or newsletters, as well as performing other related tasks as assigned.
REQUIREMENTS
Bachelor Degree in risk management or Accountancy or Finance or Law or related Business Administration field.
Professional Risk Management certification is an added advantage.
Minimum 8 years of relevant working experience in risk management or similar capacity.
Understanding of risk management fundamentals (ERM & BCM).
Knowledge of Enterprise Risk Management frameworks and methodologies (ISO 31000:2018 Risk Management Principles and Guidelines & ISO 22301 Business Continuity Management System).
