Draft /develop/review of the risk matrix for the institution: In conjunction with Head of Risk, initiate and draft ICT areas of focus for risks by identifying, reviewing and profiling company’s new and existing ICT systems.
Using different risk identification/profiling methods like; observations, reported lapses in business and Audit findings, conduct risk identification and... assessment.
Conduct trainings and awareness sessions to staff highlighting potential ICT risks and mitigants to operations, strategy and people processes so as to embed an ICT risk management culture in the company.
Support with risk awareness in institutional projects: Participate in the identification, assessment and management of potential risks in all institution ICT projects, investments, processes and policies by highlighting potential risks and due mitigations to avert financial or non-financial losses.
Reports: Develop and submit reports as required arising out of IT risk identification, assessment and mitigation to support business efficiencies and further management decision making in the institution.
Risk benchmarking: Carry out benchmarking on best practices and procedures in ICT risk identification, planning, controls to support the institution to effectively manage ICT risks.
Monitor ICT activities to ensure adherence to set internal and external ICT policies, procedures and other guidelines governing risk identification, assessment, control and overall Risk management processes in the institution. more