Senior Risk and Control Officer at Absa

Job Summary

• To support CVM Technology Senior Management with their Risk, Assurance and Compliance objectives. To develop, implement and maintain IT Risk and Compliance (Risk, Audits, MCA, CPA, Regulatory etc) initiatives, in line with ABSA guidelines. To successfully ensure that all activities and duties are carried out in full compliance with regulatory requirements, the Enterprise Wide Risk Management Framework and internal Absa Policies and Policy standards.

Job Description

Risk and Control:

• Ensure complete alignment with MSA processes throughout the area. This includes ensuring timely completion of attestations (and escalating where required; as well as tracking remediation for control failures DEA / OET to ensure risk is mitigated within committed timeframes.
• Involvement during planning stage of all audits in the area.
• Review audit reports and factual accuracy of reports and that correct action owners were identified. Review the feasibility of agreed actions. Facilitate closure of audit findings.
• Maintain a list of all applications managed by the area's CIO and classify them according to risk exposure.
• Roll out Risk and Control Assessments (or equivalent) and capture and maintained the results on the relevant system.
• Represent technology risk at senior management forums and committees and provide specialist input as required.
• Act as a liaison between the Head of Risk for the relevant business and the technology teams to ensure that technology risk is adequately considered in the overall risk profile for that business.
• Assist in setting technology risk thresholds and the related key indicators as well as the measurement thereof.
• Completion of the MCA, CPA and monitoring and remediation of the CE.
• Remediation and involvement in Operational Risk activities, which include; BCM, Data Privacy, Data Management, RCSA's etc.
• Provide project advisory services, where applicable.

Remediation Tracking:

• Record remediation plans (i.e. IBAMs or equivalent) on the relevant system and facilitate closure for all risk and control weaknesses identified.
• Track and monitor the adequate on time remediation of observations raised by internal or external audit, management assurance, observations raised via IBAMS (Issues Being Addressed by Management) and control issues (Senior Management issues etc) relevant to CVM and aligned BU's, including the production of the closure or milestone conversion documents (Group Technology and Business related).
• Ensure this is done through progress tracking with control owners, status reporting to stakeholders and obtaining assurance for adequacy of remediation activities.
• Engage with technology management and senior management to discuss and manage overall progress against remediation plans.
• Ensure that all closure and/or conversion documents are reviewed by the appropriate stakeholders before being submitted to Senior Management and Absa Internal Audit.
• Record remediation plans on the relevant system and facilitate closure for all risk and control weaknesses identified. 

Reporting:

• Track and report on remediation activities namely control gaps, audit issues and validation issues etc.
• Review and report on Key risk indicators for the area you support. Includes reviewing data, and defining remediation plans for gaps.
• Report on the following:
• Risk events
• Incidents
• DR statistics
• Key risks for the area
• Audit issues
• Remediation tracking
• KRI appetite
• Monthly reporting into various Committees.

Stakeholder Management and Engagement:

• Manage the close working relationships with:
• Management Assurance
• Information security
• IRM
• Business
• 1st line and 2nd line business risk
• 2nd line tech risk
• Cluster Technology RCO’s
• Internal and external audit
• Assurance
• Technology business

Education

• Bachelors Degree and Professional Qualifications: Business, Commerce and Management Studies (Required)

Absa Bank Limited is an equal opportunity, affirmative action employer. In compliance with the Employment Equity Act 55 of 1998, preference will be given to suitable candidates from designated groups whose appointments will contribute towards achievement of equitable demographic representation of our workforce profile and add to the diversity of the Bank.

Absa Bank Limited reserves the right not to make an appointment to the post as advertised