Senior Risk and Control/ Tech Risk Officers

Senior Risk and Control Officer
**Role Objective**:
Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise-Wide Risk Management Framework and internal Absa Policies and Policy Standards
Understand and manage risks and risk events (incidents) relevant to the role.

**Overall Job Purpose**:
To support Relationship Banking Technology senior management with their risk, assurance, and compliance objectives. To develop, implement and maintain governance, risk (technology, cyber and change) and compliance (Risk, Audits, Regulatory etc.) initiatives, in line with Absa policies, standards and guidelines. To successfully evolve the Relationship Banking Technology Governance Risk and Compliance function into a proactive and functionally excellent division.

**Accountability: Risk and Control (Audits, Control, Compliance etc.)**:

- Act as a liaison between the Head of Governance Risk and Compliance and the technology teams to ensure that technology, cyber and change risk is adequately considered in the overall risk profile for that business.
- Assist in setting technology, cyber and change risk thresholds and the related key indicators as well as the measurement thereof.
- Roll out Risk and Control Assessments (or equivalent) and capture and maintained the results on the relevant system.
- Represent technology, cyber and change risk at senior management forums and committees and provide specialist input as required.
- Involvement during planning stage of all audits in the area.
- Review audit reports and factual accuracy of reports and that correct action owners were identified.
- Review the feasibility of agreed actions.
- Facilitate closure of audit findings.
- Monitor to ensure that the relevant compliance training has been completed for staff in the area. Escalate overdue compliance training obligations to the appropriate level of management.

**Accountability: Remediation tracking**:

- Record remediation plans on the relevant system and facilitate closure for all risk and control weaknesses identified.
- Track and monitor the adequate on time remediation of observations raised by internal or external audit, management assurance, observations raised by management, and control issues (Senior Management issues/ Absa Issues) relevant to Relationship Banking management, including the production of the closure or milestone conversion documents (Relationship Banking Technology and Business related).
- Ensure this is done through progress tracking with control owners, status reporting to stakeholders and obtaining assurance for adequacy of remediation activities.
- Engage with technology management and senior management to discuss and manage overall progress against remediation plans.
- Ensure that all closure and/or conversion documents are reviewed by the appropriate stakeholders before being submitted to Senior Management and Absa Internal Audit

**Accountability: Reporting**:

- Joint interaction and support to resolve Relationship Banking Technology common problems and to find efficiencies.
- Ensure accurate delivery on special risk and compliance projects initiated in Relationship Banking Technology’s Governance Risk and Compliance.
- Identify all high/medium risk projects in the area and track RAG status from a risk perspective. Be involved in project assurance reviews where required.

**Education and Experience Required**:

- NQF level 6 B Degree
- B degree in Risk Management/Audit/or equivalent Advanced Diploma
- B Degree is required i.e., Information Technology and/or Business Management
- CISA/CISSP/CISM/CGERT/PMP or any other IT Governance related qualification
- 2 years managerial/leadership experience
- 4 years’ experience in a risk and audit environment
- 4 years job relevant experience in IT Governance
- 4 years Financial Business environment or other financial related experience

**Knowledge & Skills: (Maximum of 6)**:

- 4 years’ experience in banking, financial services, or other related industry experience
- Extensive knowledge and delivery of risk management and assurance engagements
- Good interpersonal, facilitation and negotiation skills
- Self-confidence and assertiveness/persuasiveness
- Good understanding of IT (govern, build, and run)
- Strategic and tactical planning

**Competencies: (Maximum of 8 competencies)**:

- Deciding and initiating action
- Learning and researching
- Entrepreneurial and commercial thinking
- Relating and networking
- Adapting and responding to change
- Persuading and influencing
- Creating and innovating

**Special work requirements**:

- Adapting to a changing environment and high levels of pressure
- Most complex decision that can be taken without referral to the manager:

- Level of escalation of out of line audits and compliance issues
- Raising risk and assurance issues directly with management that may lead to unsatisfactory audit or risk reports
- Solutions for inadequate controls raised as Cont