Job Description

Closing Date 2024/10/22
Reference Number LAN241007-1
Job Title Operational Risk Manager: IT & Data
Division Risk Management
Unit Risk Management
Job Type Classification Permanent
Location - Country South Africa
Location - Province Gauteng
Location - Town / City Centurion
Job Advert Summary(Land Bank) is South Africas only specialist agricultural bank established in 1912, the banks sole objective is to serve South African commercial and emerging farmers and bring specially designed financial services within their reach. These services enable farmers to finance land, equipment, improve assets and obtain production credit. The Land Bank provides financial services that have moved with the times and continues to provide services to agri-business and constantly reviews its offerings to ensure that they match the needs of an industry. As change has swept across the sector in South Africa the socio-economic makeup of agriculture has altered, bringing new entrants from historically disadvantaged backgrounds on to the land, these new farmers, facing the challenges of establishing sustainable agri-businesses across the agricultural value chain, Land Bank has been a commercial lifeline offering appropriately designed financial products that facilitate personal and commercial viability in a sector that is vital to the sustainability of South Africa and its people.MAIN PURPOSE OF THE JOBTo establish and manage appropriate Operational risk management principles within the IT and DATA management Developing and managing all operational risk management procures, processes and systems, Developing and managing all operational risk policies, and processes in line with the strategic objectives of the corporate plan of Land Bank. The incumbent is responsible for setting the approach in Identifying, Assessing, Managing and Reporting in respect of the Operational Risk Framework.
Key Performance Areas1. Lead design of Integrated Operational Risk Management framework and IT & DATA management

• Design, develop, implement and integration of an Operational Risk Framework and operational risk policies
• Drive and integrate the operational by ensuring ERM maturity and risk culture is embedded in the Bank
• Create operational risk training & awareness within the organisation to entrench a formal risk management approach
• Co-ordinate all risk champions throughout the organisation
• Ensure alignment between strategic objectives and operational risk measures
• Lead and co-ordinate development of the action plans by various Business units review all and test if they are adequate to mitigate the operational risks
• Implement operational risk tools to ensure improvement of quality service delivery and quantified operational risks

2. Develop Risk Appetite Framework (RAF) and risk indicators (KRIs) and operational risk framework for overall operational risks function

• Develop and track insightful Key Risk Indicators (KRIs).
• Develop and implement sound operational risk management framework that aligns with regulations and standards.
• Assess the IT & DATA strategy; IT & DATA policies; Frameworks; and procedures and identify gaps with suggested controls
• Ensure application of various frameworks (e.g. COBIT, ISO, etc.)
• Implementation of IT and DATA controls in alignment with risk, legislative and regulatory requirements, and industry trends

3. Track and monitor all operational risks registers and incident management and controls

• Develop, monitor and report on IT risk metrics and IT and DATA performance indicators
• Develop an IT risk profile in alignment with the approved Risk Management framework and process
• Maintain a meticulous inventory of operational risk events and incidences
• Assist the IT information and DATA management function with the development and maintenance of incident and risk response plan

4. Lead implementation of proactive IT and DATA management processes, procedures and governance

• Continuously analyse the effectiveness of IT and Information Security controls
• Ensure visibility of audit and risks by escalating to the relevant committees
• Ensure IT disaster recovery and business continuity initiatives, and testing is conducted by the BCM teams and tracked by operational risks
• Oversee and evaluate compliance with regulatory requirements and practices to ensure that IT-related activities adhere to required standards
• Work with IT Governance and compliance to ensure the organizations IT practices meet all applicable legal and regulatory requirements
• Help support the IT and DATA division to ensure timely and accurate reporting to all regulatory bodies as scheduled,
• Develop innovative strategies to prevent, detect, and respond to fraudulent activities.
• Lead the charge on fraud risk management initiatives.

5. Manage other key operational risks on cyber security and data breaches, restricted access controls measures

• Review and prepare response plans to cyber security incidents and information breaches
• Ensure maintenance of accurate and up-to-date documentation on IT and DATA activities
• Establish processes for continuous monitoring and reporting on compliance and risk management activities
• Conduct periodical internal operational risk assessments on IT division

6. Manage stakeholder relationships (Exco / Board / Board sub committees; Operational Risk and Process Risk but not limited to these committees)

• Timely escalation of operational incidents and risks on daily basis
• Set-up meetings with the role players to discuss the roles and responsibilities and possible areas of cooperation, improvement and conflict management
• Obtain mutual agreement on the resolution of issues, meetings required and the delivery of inter-dependent outputs and results
• Agree to the expected outcomes from each party and set-up SLAs where required
• Monitor the performance of all relevant role players continuously to ensure that the agreements are honoured
• Inform the relevant role players of the outcomes, deviations and actions required
• Implement continuous follow-up to ensure that the relationship is maintained
• Compile a database indicating the role players, expected outputs, contact details, type of agreements and relationships
• Document the interaction with the relevant role players for future reference purposes and archive
• Develop smart ways of reporting

Preferred Minimum Education and Experience

• Relevant Degree in IT, Information systems, Risk Management, or related, plus certification or membership within risk
• 5 years Experience in Operational Risk Management in IT and DATA incident management & controls at management or (subject matter expert) level
• 3 years Experience in IT and DATA management processes and controls

Critical Competencies

• Operation Risk Modelling (Qualitative and Quantitative)
• Process Engineering
• Policies and Procedures
• Operational Risk environment
• Business Acumen
• Business Environment
• Microsoft Office
• Governance

Additional Requirements

• Extended hours as and when required.
• Travel as and when required

Land Bank