GT GSA - RCA - Risk & Control Analytics - VP Problem Management

GT GSA - RCA - Risk & Control Analytics - VP Problem Management

10-13 years
Not Specified

Job Description

To manage a Risk Management for GT in identification , evaluation, and prioritization of risk followed by coordinated application of resources to minimize, monitor, and control the probability or impact of unfortunate events to fulfill strategies and objectives of GT.
Key Responsibilities *
  • Assess IT key risk areas and the associated risk through issue, incident and feedback from stakeholders:
  • Create awareness and understanding of the technology control objectives and associated risk to technology team
  • Develop and implement assurance program to identify control weaknesses
  • Plan and coordinate with the IT assurance team to conduct assurance review on the identified IT key area.
  • Escalate potential high risk observation to management and plan for remediation action.
  • Develop dashboard reporting from the analytics result for management decision making
  • Continuously track and review the control exception ensure the risk and control are review and remain relevant
  • Embed a positive culture of confident and informed risk-taking through guidance, training, awareness communication and promotion of the agreed risk framework.
  • .Gather and compile details of an incident raised by CIMB Incident and Problem Management Unit in the email for escalation to the relevant Management Committee according to the Category and Impact classification stated by CIMB Group Impact Classification Matrix.
  • Escalate to the relevant Management Committee within 24 hours or the next working day (after a weekend or public holiday) upon detection or confirmation of an occurrence by the respective system tower or CIMB Incident and Problem Management Unit.
  • Liaise with and update Group Risk, TRM and BCM informally as and when there is request for brief of the incident information/details from them.
  • Manage and provide oversight on the data quality input in the Loss Events Data (LED) of the ShARP system.
  • Participate in ad-hoc investigative review of any core system incident with the respective stakeholder and/or IM to ascertain and determine the risks and gaps upon special request from GT Management (GSA-RCA being an independent party within GT).
  • Provide statistical analysis and reporting upon request to assist GT or stakeholders to make informed decision of system requirements i.e. GORC monthly reporting, etc
  • Be the liaison point of contact for the Regional Risk Control Officer (RCO) in relation to issues or risk statistic of Regional Offices.
  • Be the liaison point of contact to consolidate all system incidents which breached the MCIPD/FSA and reporting of the potential/confirmed breaches on behalf of Group Technology to relevant Management Committee (i.e. GMC or GRCC) & the Customer Information Breach Admin for further their escalation to GIAD to conduct an investigation to confirm the breach.
  • Any other ad-hoc assignment to be assigned or requested by the Head of Risk Control & Assurance.
  • Any other responsibilities/tasks as assigned by the Management from time to time.

(Basic Degree/Diploma etc.)
  • Masters or Bachelor's Degree in the relevant discipline (IT / Accounting / Finance/Business / Economics / Banking).

Professional Qualification and/or Regulatory, Licensing requirements
Professional Qualification and Knowledge, such as member of recognized accounting bodies (MIA, ACCA, CPA), Certified Information System Security Professional (CISSP), Control Objectives for Information and Related Technologies (COBIT) will be an added advantage.
Relevant Work Experience
  • 10 years of working experience in banking or financial services organizations.
    • At least 5 years experience in IT Risk Management in Banking or within large organisation.
    • At least 5 years of prior leadership position in a banking / finance role in established financial institutions.


Job Source :

Similar Jobs

Career Advice to Find Better