Deputy Executive Manager - Business IT Risks & Controls Governance

Job Summary

Major Tasks

• Implement and maintain the IT Risk Management Framework across IT and business units. Align with COBIT, ISO, NIST, and the Club's ERM framework.
• Conduct risk assessments, update control libraries, and support risk owners. Ensure controls are effective and key risk indicators are monitored.
• Identify, track, and report IT risks and incidents to stakeholders and governance. Highlight material changes, escalations, and lessons learned.
• Develop and maintain business continuity and resilience programs. Ensure recovery strategies are in place and tested regularly.
• Conduct business impact analyses and participate in resilience exercises. Recommend improvements to continuity plans and emergency procedures.
• Manage audit issue lifecycle from identification to remediation. Align corrective actions with internal policies and regulatory standards.
• Maintain centralized tracking of audit issues and remediation progress. Escalate delays and verify implementation through follow-up reviews.
• Evaluate IT control effectiveness through testing and walkthroughs. Identify gaps and recommend control improvements.
• Develop and update IT risk policies, standards, and procedures. Ensure alignment with organizational goals and industry best practices.
• Monitor compliance with risk policies and provide training to staff. Foster awareness and accountability through communication and education.
• Leverage GRC tools and automation for testing, tracking, and reporting. Stay current with emerging technologies and risk governance trends.
• Lead and mentor risk and resilience teams to ensure high performance. Promote a culture of continuous improvement and proactive risk management.

Education

Qualifications

Experience