
A project-based consultancy is looking for a qualified candidate to conduct annual Strategic and IT Risk Assessments in South Africa. The role involves developing project plans, facilitating risk assessment workshops, and ensuring the alignment of identified risks with strategic objectives. Candidates should have a minimum of five years’ experience in risk assessments, be a designated project leader with a relevant qualification, and possess proven experience in public-sector environments. This fixed-term appointment is linked to specific project deliverables.
Job Description
We are looking to appoint a suitably qualified and experienced candidate with proven public‑sector risk management expertise to conduct the annual Strategic and IT Risk Assessment in line with recognised risk management standards and governance frameworks.
The objective of this appointment is to engage a competent candidate to conduct a comprehensive Strategic and IT Risk Assessment, culminating in a suite of high‑quality risk management outputs. These outputs will support executive decision‑making, strengthen governance oversight, and enable effective monitoring and management of strategic and IT risks. The assignment will require close engagement with Executive Management, Risk Management structures, and Audit Committees.
The scope of work includes, but is not limited to, the following key activities.
Develop a comprehensive Project Plan detailing timelines, milestones, roles, and deliverables.
Conduct data collection and an in-depth review of relevant strategic, operational, and governance documentation.
Gain a thorough understanding of the organisation’s mandate, strategic outcomes, APP targets, and operating environment.
Engage with key stakeholders, including Executive Management and governance committees, to clarify strategic priorities and risk areas.
Facilitate pre‑engagement meetings (physical or virtual) as required.
Facilitate and lead structured risk assessment workshops to identify strategic risks and opportunities.
Ensure all identified risks are aligned to strategic objectives, outcomes, and APP targets.
Collaborate with senior management to develop Risk Action Plans, including clear mitigation measures, responsibilities, and timelines.
Compile a Strategic Risk Register and detailed Strategic Risk Profile Report for governance review.
Identify and assess risks related to critical IT infrastructure, systems, applications, and processes.
Evaluate existing IT controls and recommend improvements where required.
Compile an IT Risk Register and IT Risk Profile Report aligned with governance and compliance requirements.
Facilitate the development of a Risk Appetite Statement.
Define Risk Tolerance Levels aligned to performance objectives.
Identify and define Key Risk Indicators (KRIs) to monitor risk exposure.
Develop a consolidated Risk Appetite and Tolerance Framework incorporating risk appetite, tolerance levels, and KRIs.
Review and update the Risk Management Strategy, Policy, and Implementation Plan.
Ensure alignment with the organisation’s mandate, strategic priorities, and regulatory requirements.
Develop standardised dashboards and reporting templates integrating KRIs, KPIs, risk appetite, and tolerance levels.
Prepare reports and presentations for submission to Executive Management, Risk Management Committees, and Audit Committees.
Annual Strategic and IT Risk Assessment Report.
Strategic and IT Risk Registers and Risk Profile Reports.
Risk dashboards, presentations, and reporting templates.
Risk Appetite and Tolerance Framework, including KRIs.
Updated Risk Management Strategy, Policy, Framework, and Implementation Plan.
Facilitate access to relevant documentation and information.
Arrange stakeholder meetings and risk assessment workshop logistics.
Facilitate risk assessment workshops and ensure effective stakeholder engagement.
Transfer relevant risk management skills and knowledge to identified officials.
Conduct all work ethically, professionally, and in accordance with applicable standards.
This is a fixed‑term, project‑based appointment linked to the completion of the Annual Strategic and IT Risk Assessment and associated deliverables.
Service providers must demonstrate the following:
Minimum of five (5) years’ experience in conducting Strategic and IT Risk Assessments (collectively).
A designated Project Leader / Facilitator with a minimum NQF Level 8 qualification in Risk Management.
IT Risk Management Specialist.
Proven experience within the public sector or similarly regulated environments.