Assistant Vice President, IT - Risk & Compliance
You will be assuming an integral role in Group IT Risk and Compliance for Great Eastern to oversee the tasks and delivery of the function's responsibilities to manage risks and controls on a timely basis and support effective IT risk management processes across IT areas.
The Job
- Manage IT regulatory inspections and audit engagements with internal and external reviewers/auditors. Oversee the entire review lifecycle with reviewers/auditors during preparation, planning, fieldwork and reporting with adequate management responses, and ensure timely audit issue closure.
- Conduct compliance review and pre-audit activities on key IT processes and systems according to annual plan or ad-hoc basis, identify gaps and provide recommendations for remediation.
- Manage Group IT self-assessment and key risk indicator review according to Group Risk Management and local RM&C requirements.
- Oversee IT Risk Acceptance process, review details, conduct initial assessment, drive processing and tracking of risk acceptance cases.
- Oversee the IT incident reporting process, review impact and root cause, and agree upon actions by IT Leads for reportable issues according to GIT framework.
- Monitor the state of IT compliance with regulatory requirements and internal policies and provide timely management reports.
- Monitor changes in technology-related legislation and regulation that affect Group IT's risk management and compliance, and drive initiatives to address potential gaps if needed.
- Provide SME advisory to IT users and functions on regulation and compliance requirements, and conduct communication and awareness sessions if needed.
- Takes accountability in considering business and regulatory compliance risks and takes appropriate steps to mitigate the risks.
- Maintains awareness of industry trends on regulatory compliance, emerging threats and technologies in order to understand the risk and better safeguard the company.
- Highlights any potential concerns/risks and proactively shares best risk management practices.