·
Adherence to IT Risk
Framework - Assist in the planning, design, implementation and continued adherence
to the IT risk Framework Risk Appetite
·
Engaging appropriate
stakeholders (Global ITRC, Technology, ORM, Compliance, Legal, Audit, BCM etc.)
to establish risk appetite
·
Ensuring any key metrics are
produced and presented in the context of stated appetite
·
Audit Support - Liaise with
Internal/External stakeholders (regulators, auditors etc.) through all phases
of an audit including providing independent input/advise to technology teams
being audited, liaising with Auditors to ensure identified risks are
appropriately represented and dimensioned. Other key elements of audit support
includes educating technology teams in their responsibilities during an audit
(audit engagement), ensuring requested information is sourced, reviewed and
provided in a timely, secure manner
·
Risk related activities/initiatives
- Support the full range of IT risk activities including -
o IT incidents
o Change
o Internal / External audits
o Risk assessments
o Risk workshops
o Disaster recovery planning / walkthroughs / exercises
o Attestations / affirmations
o Remediation tracking
o Maintenance of ITRC artefacts
o Facilitate cross-technology and cross-division forums / meetings
etc.
·
Education/Risk Expertise -
Act as the risk Subject matter expert to Technology units providing day-to-day
support, education and training to staff to raise risk awareness and skill
levels that help us embed risk management within our day to day activities
·
Extensive experience of
working within information technology, including experience in risk management
or internal controls preferably with an Investment bank
·
Detailed practical knowledge
of the operation and maintenance of IT infrastructure and services
V 0.0.1