Head, Third-Party Risk Management (TPRM) and Outsourcing
- PRIMARY OBJECTIVE
- This role will be responsible for overseeing the development, implementation, and management of comprehensive third-party risk management and outsourcing strategies across the organization.
- The role also covers enhancing the organization's resilience to disruptions, sustaining critical operations, and effectively managing risks.
- This includes conducting objective analysis, utilizing data to inform recommendations to senior management, and overseeing the coordination and implementation of internal and regulatory standards for IT service delivery, business continuity, and resilience.
- Key Responsibilities
- Third-party Risk Management and Outsourcing
- Develop a comprehensive framework, policies, and procedures to effectively manage the risks associated with third-party relationships and outsourcing arrangements.
- Take the lead in continuously assessing and conducting due diligence on the resilience of third-party vendors, including reviewing and validating their business continuity plans to ensure they meet the requirements of the organization.
- Serve as a subject matter expert on TPRM and outsourcing matters, keeping abreast of emerging trends, regulatory developments, and industry benchmarks.
- Regularly assess the risks associated with third-party vendors to ensure they comply with both regulatory and organizational standards.
- Drive continuous improvement initiatives by evaluating and enhancing data analytics capabilities to optimize the efficiency and effectiveness of Third-Party Risk Management (TPRM) and outsourcing processes.
- Implement a monitoring and reporting system that includes performance metrics, key risk indicators (KRIs), and reporting dashboards to oversee and track third-party relationships.
- Develop and maintain an incident response plan and protocols to effectively address any incidents, breaches, or disruptions related to third-party vendors.
- Provide support to business and functional areas to ensure consistent identification and assessment of third-party risks in accordance with the established framework, policies, and procedures.
- Collaborate with cross-functional teams to conduct risk assessments, identify potential gaps or vulnerabilities, and implement remediation plans as necessary.
- Partner with internal stakeholders, including Legal, Compliance, IT, and Procurement, to drive a culture of risk awareness and accountability across the organization.
- Utilize data analytics tools and methodologies to collect, analyze, and interpret relevant data for the purpose of identifying trends, patterns, and insights related to third-party risk exposure and performance.
- Stakeholder Management and Reporting
- Create and deliver actionable management reports on third-party risk, encompassing operational resiliency, metrics for business continuity management, testing outcomes, and incident response actions.
- Interact with senior stakeholders to effectively communicate operational resiliency concerns and offer guidance and suggestions.
- Provide periodic risk management reports to the group risk committee and board risk committee.
- Additional Job Responsibilities:
- Operational Resiliency and Business Continuity Strategy
- Play a pivotal role in ensuring the Group's operational resilience and business continuity planning strategy remains robust and compliant with industry standards and regulatory requirements.
- Identify potential threats and vulnerabilities to critical operations, devising proactive strategies to mitigate risks effectively.
- Conduct thorough assessments of Business Impact Analysis (BIA), Risk Assessment (RA), and Business Continuity Management (BCM) prepared by different business units and functional areas.
- Provide hands-on support and review the outcomes of testing for Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) to guarantee their efficacy.
- Serve as a key resource during crisis situations, offering guidance and support to facilitate swift response and recovery efforts.
- Collaborate closely with external stakeholders, including local authorities and suppliers, to ensure the Group's crisis response aligns seamlessly with local laws and regulations.