- Accountable for development of strategy and delivery of risk assessment services, ensure associated procedures are developed, implemented and continually updated to ensure alignment with internal 2LoD requirements, industry best practices, evolving regulatory requirements and changing risk landscapes.
- Design, implement and maintain the related strategy to align with business objectives.
- Set direction for associated processes, and service offerings and responsible for continuous improvement of the services.
- Develop and maintain a comprehensive risk reporting framework (e. g. , Risk and Control Self Assessments, contributions to the monthly IT Risk Forum, programme risk insights) that offers senior management and stakeholders insights into related risk exposures.
- Partner with leads across Business Areas and Functions to mature the delivery and governance to allow MG to better manage risks associated with Technology, Data and Privacy.
Accountabilities / Responsibilities
- Build strong professional relationships with key stakeholders and senior leaders across Technology Pillars to capture appropriate risk metric data.
- Assess the impact of any new reporting requirements on the existing reporting commitments and that of those who need to input to additional requirements.
- Lead the identification and delivery of continuous improvement and quality standards for risk assessment
- Lead the engagement with the 2nd Line of Defence Technology Risk with a focus on maintaining an effective and coherent communication on Technology Risk management.
- Actively identify new approaches that enhance efficiency and the business impact of IT the risk landscapes.
- Represent First Line GRC function in the defined area and act as a role model to develop experts within this area.
- Develop a strong understanding of the strategy of the business, and utilise knowledge of the Technology risk environment /requirements, in order to manage the reporting requirements.
- Line manager for the risk assessment colleagues in India
