Key Accountability Areas
Key Activities
Risk Management
- Contribute adequate and relevant data to assist in developing and updating SANS risk appetite statements and tolerance levels.
- Implement the enterprise risk management framework, appetite, policies, and procedures.
- Facilitate preparation and day-to-day execution of annual risk management plan.
- Assist in developing and updating the enterprise risk management framework, appetite, policies and procedures in line with professional standards and good practices, and ensure its implementation
- Participate in preparing annual risk management plan in coordination with SANS management, and ensure its implementation
- Ensure preparation and execution of annual risk management plan
- Identify and research potential threats to SANS's reputation, financial sustainability, operational efficiency, technology capabilities, workforce investments and safety
- Leverage the use of data, risk matrices and employee inputs to assist with identification of risks facing SANS; assess and analyze the identified risks, and recommend the mitigating actions
- Lead the utilization of appropriate techniques for risk quantification, measurement and aggregation to produce high quality risk matrices
- Prepare the risk mitigation gaps and agree the corrective action plans with management
- Assist in providing advice and innovative solutions to the management regarding corrective measures for mitigation of risks
- Maintain the SANS risk register in the GRC directorate, and update it on a regular basis
- Update the risk register after performing the risk assessment across SANS
- Lead the provision of regular risk awareness and training sessions to employees to enhance the ability of employees to conduct risk management activities
- Assist in preparing risk reports with a sufficient level of risk information and analysis to support management and the Board with decision making
- Support in providing or facilitating regular risk awareness and training sessions for employees to enhance the risk management culture and activities
- Assist in organizing the periodic meetings with the second and third lines of defense, and ensure alignment on the work plans to avoid any duplications / overlaps
- Monitor the development of key risk indicators (KRIs) that are mapped to various risks to determine elevations in risk and proactively implement risk mitigation measures
Policies, Processes and Procedures
- Support in monitoring day-to-day activities to ensure compliance with stipulated policies and procedures
- Contribute to the identification of opportunities for continuous improvement of systems and processes taking into account leading practices, changes in business environment, cost reduction and productivity improvement
Leadership and Management
- Actively participate in on-the-job training, mentoring and coaching of subordinates
- Provide clear direction, prioritize tasks, assign and delegate responsibility and monitor the workflow
- Promote a high-performance working environment embracing SANS’s values
Qualifications for Internal Candidates
Knowledge and Experience
- Minimum of 6 years of experience in risk management
- Relevant experience in a similar industry is preferred.
Education and Certifications
- A Bachelor’s degree in Business Administration or equivalent is required
- Professional certification in Risk Management or Internal Audit is preferred