Department: Risk Management
Reporting to: Chief Financial Officer
Supervises: Risk Management Officer/Analyst
Location: Head Office
Job Purpose
The ERM & BCP Manager is responsible for developing, implementing, and maintaining the organization’s Enterprise Risk Management (ERM) framework and Business Continuity Management System (BCMS). This role ensures that risks are proactively identified, assessed, managed, and monitored while also ensuring that the organization can continue essential operations in the event of disruptions. The manager works closely with cross‑functional teams, senior leadership, and external partners to strengthen organizational resilience.
Key Responsibilities
1. Risk Governance and Framework
- Develop, implement, and maintain the company’s ERM framework in accordance with corporate governance standards.
- Embed risk management principles within the organization’s policies, decision‑making, and performance management processes.
- Facilitate enterprise-wide risk identification, assessment, and prioritization.
2. Risk Identification and Assessment
- Lead company‑wide risk identification workshops with functional heads to capture strategic, operational, financial, and compliance risks.
- Maintain and update the Corporate Risk Register, ensuring clear ownership, impact analysis, and treatment plans.
- Perform regular risk assessments to anticipate emerging threats and opportunities that may impact business objectives.
3. Risk Monitoring and Reporting
- Develop and maintain risk dashboards and key risk indicators (KRIs) for management and Board reporting.
- Coordinate quarterly risk reviews and prepare comprehensive risk management reports for the CFO, Executive Committee, and Audit & Risk Committee (ARC).
- Monitor the implementation and effectiveness of risk mitigation and action plans.
4. Business Continuity & Crisis Management
- Oversee the BCM Framework, ensuring readiness for disruptions (e.g., disasters, system failures, or supply chain issues).
- Coordinate scenario planning and simulation exercises to assess organizational preparedness.
5. Advisory and Partnership
- Serve as a strategic partner to business units by advising on risk exposure, controls and mitigation strategies for new projects, expansion or investment.
- Collaborate with Internal Audit and Compliance functions to ensure alignment in risk coverage and reporting.
- Provide risk management training and awareness programs across all levels of the organization.
Qualifications
- Bachelor’s degree in Finance, Accounting, Industrial Engineering, or a related field.
- Professional certifications required: CRM or ISO 31000 Certified Risk Manager.
- CPA is highly preferred but not required.
- Minimum of 5 – 7 years of experience in risk management, internal audit, or corporate governance (preferably in retail or FMCG).
- Strong understanding of enterprise risk frameworks, internal controls, and financial management.
- Excellent analytical, facilitation and stakeholder engagement skills.
- Proficient in data visualization and risk reporting tools.
- Strong analytical skills and proficiency in Excel, Power BI/Tableau, and data analysis tools.