JOB DESCRIPTION JOB TITLE IT AND BUSINESS TRANSFORMATION RISK

1 BRIEF DESCRIPTION OF TECHNOLOGY S PRINGS
12 FILLING OUT DESCRIPTION OF THE APPLICATION
4 POSITION DESCRIPTION 1POSITION TITLE ACCREDITATION OFFICER

BRIEFING NOTE JOB HAZARD INFORMATION FOR JOB DESCRIPTIONS
Burttitle meta Namedescription Contentrichard Burt a Professor of
CHAD TURPIN SCHOLARSHIP SCHOLARSHIP DESCRIPTION THE

CAF JOB DESCRIPTION

Job Description

Job title: IT and Business Transformation Risk Manager

Grade: E

Department: CAF Bank Risk and Compliance

Main purpose of the job:

The IT and Business Transformation Risk Manager will play a pivotal 2LOD role in ensuring the Bank’s exposure to IT and business risks are managed through the transformation of its core banking system, due for completion end of 2022.

This role is a specialist technical role with significant experience required working in the IT industry, business transformation and of current risk management techniques. Whilst focus will primarily centre on the Bank’s Transformation Programme, the role will also be involved with all aspects of the Bank’s IT strategy. The role will be responsible for leading the Bank’s operational resilience work stream encompassing operational activities and continuing to embed the work undertaken to date. The IT and Business Transformation Risk Manager will maintain a close relationship with IT and the Business and will develop a detailed understanding of the Bank’s strategy, business model and regulatory environment. The role holder will be required to provide interpretation of regulatory requirements and provide technical input and expertise to support the business by relating this pragmatically to business activities.

Reporting to the Bank’s Chief Risk Officer, the IT and Business Transformation Risk Manager will be part of the Second Line of Defence, working closely with the CRO, CIO and IT. As a key member of the Bank’s senior management team, the IT and Business Transformation Risk Manager will actively support the Bank’s CRO, other members of the Executive team and the Executive Risk Committee by undertaking risk based analysis and making recommendations to ensure the Bank operates within its stated risk appetite.

This role is subject to the Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) Certification Regime and the associated regulatory rules, including the need to be certified as fit and proper to perform it. Certificates will be reassessed on an annual basis, or in the event of a change in responsibilities. The IT and Business Transformation Risk Manager must also comply with the Individual Conduct Rules.

Responsible to: CAF Bank CRO

Budgetary responsibilities: None

Responsible for (staff/jobs): No responsibility but will need to work closely with other members of the Risk and Compliance team in particular the Risk Manager and Compliance Manager.

Key Job Responsibilities:

Risk Management

Risk Management - responsible for leading the ongoing embedding of the Bank’s risk management framework and Operational Risk Management Framework to ensure IT risk (including IT information security) is managed by the First Line of Defence in accordance with risk appetite:
- CAF Bank Transformation (ensuring both IT and Business risks are joined up).
- All remaining areas of the Bank’s technology
RCSA – Working with the risk manager, oversee the RCSA process incorporating IT risks:
- Support and challenge to the risk and control owners of the IT related risks.
- This process includes identification of the causes and consequences, assessment, proportionate response/actions, and monitoring.
- Oversee and challenge the control effectiveness assessment within IT and actions taken to increase the effectiveness of the control environment.
Vendor management – providing oversight and challenge with the management of vendor risks.
Management Information - responsible for leading the analysis and delivery of IT risk MI reports for the Bank’s executive committees. This will enable the Bank to assess its holistic risk profile and make informed strategic decisions to manage the business within its stated risk appetite.
Governance – undertake ongoing review and provide feedback regarding the governance arrangements within the Bank and between the Bank and the parent. Giving assurance there is a clear organisational structure with well defined, transparent and consistent lines of responsibility, effective processes to identify, manage, monitor and report the IT risks the Bank is or might be exposed to.
Training - responsible for leading the provision of risk and regulatory training to 1LOD in IT to build risk and regulatory awareness, embedding a risk aware culture.
Risk Culture - responsible for measuring and evidencing an embedded risk culture within IT.
Horizon scanning – to work closely with the Compliance Manager with identifying changes and updates that are relevant for the Bank with particular focus on IT and operational resilience. Assess and present these to the business, IT and senior management team with advice on regulatory impact and change required where necessary.

Incident Management

Ensure the Bank’s incident management framework and IT incident management Framework are aligned, with clear escalation into the Bank and Executive team.
Support the 1LOD through incident management activities.

Operational Resilience

Leading the embedding and ongoing development of CAF Bank’s operational resilience methodology through CAF Bank’s Transformation.

Relationship between IT and the Bank

Build effective working relationships between IT and the Bank.
Responsible for building a solid understanding of the Bank’s business model and regulatory obligations to enable clear articulation of the Bank’s priorities and regulatory obligations.

Other

Support the Bank in embracing good customer outcomes and supporting the embedding of the Conduct Risk Framework.
Reasonable steps must be taken to ensure delivery of any delegated responsibilities as detailed within the Reasonable Steps Framework.

CAF Behaviour Framework

The CAF behaviour framework sets out in a transparent and consistent manner the explanation of the performance expectations of all CAF People. Through the use of common language and common standard, it combines a set of behaviours with the required technical skills and knowledge needed to effectively perform in any given role with us. This framework is used for the assessment, management and development of performance of all our people.

Please refer to ‘Work the CAF Way’ booklet for the CAF behaviour framework.

Dated: January 2021

Person Specification

Job title: IT and Business Transformation Risk Manager

Date: January 2021

Attributes

Essential



Desirable



How Evidenced *

Experience

Significant Experience working in the IT industry with particular focus on IT and business transformation (including Cyber and cloud), 2LOD oversight and challenge
Proven stakeholder management capability
Proven experience working with senior managers and executives
Experience of PRA/FCA regulation within a regulated financial environment
Proven track record of strong leadership and implementing 3LOD model within the retail banking/financial sector
Vendor management



A/C

Qualifications

Degree level or equivalent
Recognised Financial Services Qualification



A/E

Specialist skills/ability/knowledge

IT and business transformation skills and knowledge
Vendor management
Deep technical understanding of risk & resilience methodologies, resilience improvement methods and risk related control frameworks and the ability to drive and deliver their implementation
Strong analytical skills and a good eye for detail
Excellent planning and organisation skills
Numerical skills and the ability to evaluate costs
Have extensive knowledge and understanding of banking practice and retail financial services market development, demonstrating an appreciation for the challenges of delivering a robust risk framework with due regard to the overall demands on the Bank



A/C/T

Communication

Excellent communicator (with good presentation skills) at all levels up to and including the main Board
Ability to present complex business analysis issues to audience groups with varying depth of understanding
Ability to communicate the value to the Bank of having a robust risk culture



Personal qualities

Ability to demonstrate a high degree of innovative thought in the design of solutions and thinking outside the box
Have commercial awareness and the ability to understand broad business issues and apply common sense when making risk based judgements
Ability to cope under pressure and manage a complex workload
Ability to work independently, self motivated
Ability to demonstrate effective stakeholder management capabilities, negotiation skills and the ability to influence people
Ability to work at pace to meet deadlines
Team player
Demonstrable empathy with CAF’s mission and values



A/C/T

Prior to Appointment

All posts:

Credit check
Dow Jones check
Basic DBS Check
Employment references
Medical clearance
Right to Work in the UK

*FCA approved posts:

Standard DBS Check



R/E

*Key: R= References E= Evidence/certificates A= Application C= Competency interview T=Testing/assessment

CHISEL MAINTENANCE OFFICER JOB DESCRIPTION OBJECTIVES
CLASSROOM TESTED LESSON VIDEO DESCRIPTION “SECRETS OF THE
COURSE TITLE BUS030150FINANCIAL ACCOUNTING BRIEF DESCRIPTION

Tags: business transformation, broad business, description, transformation, title, business