IT Governance, Risk and Compliance Manager

The IT Governance, Risk and Compliance Manager will be responsible for establishing and maintaining a robust IT GRC framework that ensures the integrity, confidentiality, and availability of Access Bank’s information assets. This role involves developing policies, procedures, and controls to manage IT risks, ensure compliance with regulatory requirements, and align IT strategies with the bank’s overall objectives.

• Develop and implement IT governance frameworks and policies to ensure alignment with business objectives and regulatory requirements.
• Establish and enforce IT standards and practices to ensure the effective and efficient use of IT resources.
• Coordinate with senior management to integrate IT governance into the overall corporate governance framework.

• Identify, assess, and prioritize IT risks, including cybersecurity threats, data breaches, and operational risks.
• Develop and implement risk mitigation strategies and action plans.
• Monitor and report on the effectiveness of risk management initiatives and controls.

• Ensure IT operations comply with relevant laws, regulations, and standards, including but not limited to GDPR, POPIA, and industry best practices.
• Conduct regular audits and assessments to ensure adherence to compliance requirements.
• Coordinate with internal and external auditors and manage audit findings and remediation efforts.

• Develop, review, and update IT policies and procedures to ensure they remain current and effective.
• Communicate and train staff on IT governance, risk management, and compliance policies and procedures.

• Prepare and present regular reports to senior management on IT GRC activities, risks, and compliance status.
• Maintain comprehensive documentation of IT GRC processes, policies, and procedures.

• Stay abreast of industry trends, emerging threats, and regulatory changes.
• Recommend and implement improvements to the IT GRC program to enhance the bank’s security posture and compliance status.

• Bachelor’s degree in Information Technology, Computer Science, or a related field.
• Master’s degree is a plus.
• Professional certifications such as CISA, CISM, CISSP, or CRISC.
• Foreign Languages: N/A.

• Minimum of 5-7 years of experience in IT governance, risk management, and compliance within the financial services industry.
• In-depth knowledge of IT governance frameworks (e.g., COBIT, ITIL), risk management methodologies, and compliance standards.

• Strong understanding of regulatory requirements in South Africa, including POPIA and other relevant laws.
• Excellent analytical, problem-solving, and decision‑making skills.
• Strong communication and interpersonal skills, with the ability to interact effectively with stakeholders at all levels.
• Proven ability to lead and manage cross‑functional teams and projects.