Job Description
Job title: IT and Business Transformation Risk Manager
Grade: E
Department: CAF Bank Risk and Compliance
Main purpose of the job:
The IT and Business Transformation Risk Manager will play a pivotal 2LOD role in ensuring the Bank’s exposure to IT and business risks are managed through the transformation of its core banking system, due for completion end of 2022.
This role is a specialist technical role with significant experience required working in the IT industry, business transformation and of current risk management techniques. Whilst focus will primarily centre on the Bank’s Transformation Programme, the role will also be involved with all aspects of the Bank’s IT strategy. The role will be responsible for leading the Bank’s operational resilience work stream encompassing operational activities and continuing to embed the work undertaken to date. The IT and Business Transformation Risk Manager will maintain a close relationship with IT and the Business and will develop a detailed understanding of the Bank’s strategy, business model and regulatory environment. The role holder will be required to provide interpretation of regulatory requirements and provide technical input and expertise to support the business by relating this pragmatically to business activities.
Reporting to the Bank’s Chief Risk Officer, the IT and Business Transformation Risk Manager will be part of the Second Line of Defence, working closely with the CRO, CIO and IT. As a key member of the Bank’s senior management team, the IT and Business Transformation Risk Manager will actively support the Bank’s CRO, other members of the Executive team and the Executive Risk Committee by undertaking risk based analysis and making recommendations to ensure the Bank operates within its stated risk appetite.
This role is subject to the Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) Certification Regime and the associated regulatory rules, including the need to be certified as fit and proper to perform it. Certificates will be reassessed on an annual basis, or in the event of a change in responsibilities. The IT and Business Transformation Risk Manager must also comply with the Individual Conduct Rules.
Responsible to: CAF Bank CRO
Budgetary responsibilities: None
Responsible for (staff/jobs): No responsibility but will need to work closely with other members of the Risk and Compliance team in particular the Risk Manager and Compliance Manager.
Key Job Responsibilities:
Risk Management
Risk Management - responsible for leading the ongoing embedding of the Bank’s risk management framework and Operational Risk Management Framework to ensure IT risk (including IT information security) is managed by the First Line of Defence in accordance with risk appetite:
CAF Bank Transformation (ensuring both IT and Business risks are joined up).
All remaining areas of the Bank’s technology
RCSA – Working with the risk manager, oversee the RCSA process incorporating IT risks:
Support and challenge to the risk and control owners of the IT related risks.
This process includes identification of the causes and consequences, assessment, proportionate response/actions, and monitoring.
Oversee and challenge the control effectiveness assessment within IT and actions taken to increase the effectiveness of the control environment.
Vendor management – providing oversight and challenge with the management of vendor risks.
Management Information - responsible for leading the analysis and delivery of IT risk MI reports for the Bank’s executive committees. This will enable the Bank to assess its holistic risk profile and make informed strategic decisions to manage the business within its stated risk appetite.
Governance – undertake ongoing review and provide feedback regarding the governance arrangements within the Bank and between the Bank and the parent. Giving assurance there is a clear organisational structure with well defined, transparent and consistent lines of responsibility, effective processes to identify, manage, monitor and report the IT risks the Bank is or might be exposed to.
Training - responsible for leading the provision of risk and regulatory training to 1LOD in IT to build risk and regulatory awareness, embedding a risk aware culture.
Risk Culture - responsible for measuring and evidencing an embedded risk culture within IT.
Horizon scanning – to work closely with the Compliance Manager with identifying changes and updates that are relevant for the Bank with particular focus on IT and operational resilience. Assess and present these to the business, IT and senior management team with advice on regulatory impact and change required where necessary.
Incident Management
Ensure the Bank’s incident management framework and IT incident management Framework are aligned, with clear escalation into the Bank and Executive team.
Support the 1LOD through incident management activities.
Operational Resilience
Leading the embedding and ongoing development of CAF Bank’s operational resilience methodology through CAF Bank’s Transformation.
Relationship between IT and the Bank
Build effective working relationships between IT and the Bank.
Responsible for building a solid understanding of the Bank’s business model and regulatory obligations to enable clear articulation of the Bank’s priorities and regulatory obligations.
Other
Support the Bank in embracing good customer outcomes and supporting the embedding of the Conduct Risk Framework.
Reasonable steps must be taken to ensure delivery of any delegated responsibilities as detailed within the Reasonable Steps Framework.
CAF Behaviour Framework
The CAF behaviour framework sets out in a transparent and consistent manner the explanation of the performance expectations of all CAF People. Through the use of common language and common standard, it combines a set of behaviours with the required technical skills and knowledge needed to effectively perform in any given role with us. This framework is used for the assessment, management and development of performance of all our people.
Please refer to ‘Work the CAF Way’ booklet for the CAF behaviour framework.
Dated: January 2021
Person Specification
Job title: IT and Business Transformation Risk Manager
Date: January 2021
Attributes
|
Essential |
Desirable |
How Evidenced * |
Experience Significant Experience working in the IT industry with particular focus on IT and business transformation (including Cyber and cloud), 2LOD oversight and challenge Proven stakeholder management capability Proven experience working with senior managers and executives Experience of PRA/FCA regulation within a regulated financial environment Proven track record of strong leadership and implementing 3LOD model within the retail banking/financial sector Vendor management |
|
|
A/C
A/C A/C
A/C
A/C
A/C |
Qualifications Degree level or equivalent Recognised Financial Services Qualification |
|
|
A/E A/E |
Specialist skills/ability/knowledge IT and business transformation skills and knowledge Vendor management Deep technical understanding of risk & resilience methodologies, resilience improvement methods and risk related control frameworks and the ability to drive and deliver their implementation Strong analytical skills and a good eye for detail Excellent planning and organisation skills Numerical skills and the ability to evaluate costs Have extensive knowledge and understanding of banking practice and retail financial services market development, demonstrating an appreciation for the challenges of delivering a robust risk framework with due regard to the overall demands on the Bank |
|
|
A/C/T A/C/T A/C/T
A/C/T A/C/T A/C/T A/C/T |
Communication Excellent communicator (with good presentation skills) at all levels up to and including the main Board Ability to present complex business analysis issues to audience groups with varying depth of understanding Ability to communicate the value to the Bank of having a robust risk culture |
|
|
C
C
C |
Personal qualities Ability to demonstrate a high degree of innovative thought in the design of solutions and thinking outside the box Have commercial awareness and the ability to understand broad business issues and apply common sense when making risk based judgements Ability to cope under pressure and manage a complex workload Ability to work independently, self motivated Ability to demonstrate effective stakeholder management capabilities, negotiation skills and the ability to influence people Ability to work at pace to meet deadlines Team player Demonstrable empathy with CAF’s mission and values |
|
|
A/C/T
A/C/T
A/C/T
A/C/T A/C/T
A/C/T A/C/T A/C/T |
Prior to Appointment All posts: Credit check Dow Jones check Basic DBS Check Employment references Medical clearance Right to Work in the UK
*FCA approved posts: Standard DBS Check |
|
|
R/E R/E R/E R/E R/E R/E
R/E |
*Key: R= References E= Evidence/certificates A= Application C= Competency interview T=Testing/assessment
CHISEL MAINTENANCE OFFICER JOB DESCRIPTION OBJECTIVES
CLASSROOM TESTED LESSON VIDEO DESCRIPTION “SECRETS OF THE
COURSE TITLE BUS030150FINANCIAL ACCOUNTING BRIEF DESCRIPTION
Tags: business transformation, broad business, description, transformation, title, business