Job Title: Group Head, Risk Management and ICT
- To promote continuity in the group’s operations by ensuring business control policies and operational guidelines are in place thereby minimising exposure to potential risks related to business performance.
- Conduct regular assessments of the compliance and risk management culture of the group and submit reports to the GED.
- Develop Key Risk Indicators (KRIs) for identified processes, products and services and communicate same to business units and the group.
- Provide independent and objective assurance on the management of risks throughout the group
- Plan, design and implement a robust risk management process for the group, ensuring there is a system in place to identify and analyze all major risks on a regular basis
- Support business units through promotion of risk awareness, development of risk profiles, mitigation of risks and effective implementation of agreed action plans
- Work with Departments to communicate and drive the group’s risk management, HSE, compliance objectives and strategies.
- Conduct periodic compliance reviews, safety audits and statutory inspections of the group’s activities to ensure conformity with existing policies and procedures, and monitor subsequent adherence to the compliance action plan.
- Monitor and assess operational risk via Heat Map analysis for Risk and Control Self-Assessment (RCSA), control self-assessments and Key Risk Indicators (KRI)
- Organize Operational Risk Management sessions with Heads of Business Units and Support groups to ensure their buy-in
- Develop Business Continuity Management framework for the group
- Keep abreast of relevant laws, regulations and codes of good business practices and incorporates them into the internal risk framework
- Make recommendations and manage the process for acquiring relevant regulatory certifications
- Interface with external regulatory bodies regarding issues resulting from such bodies and resolves accordingly
- Identify regulatory, contractual requirements, organizational policies and standards related to information systems to determine their potential impact on the business objectives.
- Design information systems controls in consultation with end users to ensure alignment with business needs and objectives.
- Identify needed resources required to implement and operate information systems and safety controls at an optimal level.
- Review information systems policies, HSE standards and procedures to verify that they address the group's internal and external requirements.
- Maintain the IT Disaster Recovery Plan including annual reviews.
- Participate in IT projects and initiatives to bring pro-active risk management focus into solutions.
- Perform other duties as may be assigned by the Group Executive Director
- Minimum of Bachelor's Degree(Second Class Upper Division)/HND Upper Credit in Actuarial Science, Computer Science with economics or a related discipline
- Minimum of 12 years relevant experience in compliance, risk management and business controls and Information Technology in a similar company/industry, 5 of which must have been in a role as an operational risk manager of a financial institution or as the Risk Manager within the oil and gas industry
- Relevant professional certifications e.g. Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT), IT Infrastructure Library (ITIL), Project Management Professional (PMP), Six Sigma Professional, Certified in Risks and Information Systems Control (CRISC),Certified Risk and Compliance Management Professional(CRCMP) or other relevant industry certification
- Professional Membership of Global Association of Risk Professionals – Energy Risk Professional (ERP); Member, Institute of Risk Management (MIRM) or Certified Risk Professional (CRP)
- A Master’s degree in a related discipline would be an added advantage.
25th February, 2019.
Method of Application
Interested and qualified candidates should send their Application Letter and CV to: firstname.lastname@example.org using the job position as email subject, for example: 'Group Head, Risk Management and ICT'.