First-Line Risk Lead
A Day In the Life
The First-line Risk Lead is a key ‘Line 1’ role supporting a number of BUs with their first line risk accountabilities. This will include (but not limited to):
- Actively championing the enterprise risk framework within the BUs noted
- Driving BUs’ compliance with the Risk Profiling Standard (incl. control uplift/attestations, implementation of actions and sharing of KRI data), Compliance Obligations Management Standard, Incident Management, Business Continuity and Third Party Risk Frameworks
- Driving the reporting and monitoring of risks, ensuring issues are identified and working with the owners to develop mitigating strategies
- Reviewing/maintaining BUs’ risk profile within the GRC system
- Leading BAU/project/initiative risk assessments
- Improving risk awareness and culture within supported BUs
- Assisting with regulatory and internal audits
- Working with the BU leadership team to increase risk maturity; and
- Providing challenge to proposed risk mitigation solutions to drive improvement around controls.
- Embedding risk discussions in recurring forums designed to increase maturity, ownership and understanding (e.g. BU LT meeting, town halls and others as appropriate)
- Working with risk and control owners across BUs, reviewing open actions and working with the owners to address these in a timely fashion. Also ensuring that the reporting around these actions are updated regularly
- Compiling and submitting RAS Key Risk Indicators (KRIs) to the GRC team for monitoring
- Providing feedback on key enterprise risks every two months for ARC reporting in consultation with the Group Executive/SME; and
- Reviewing BU risk profile (inclusive of compliance risks) and updating risks/causes/controls/actions as appropriate within the GRC System; and
- Co-ordinating submission of KRIs for key risks in BU risk profiles.
- Supporting and facilitating control attestation process within the BUs – including preparation to ensure all details are accurate, supporting colleagues to respond to their attestations and reviewing actions created as a result of ineffective controls
- Critiquing and rationalising controls to focus on those that are key and enabling the Group Executives to sign off controls; and
- Undertaking BU risk deep-dives in line with BU assurance plan.
- Supporting the Group Executivess to conduct a review and update of policies each BU might own
- Leading the annual formal review of the risk profile with the BU LT including preparing presentation materials and reflecting updates in the GRC System; and
- Assisting each BU requirements of the business continuity management framework.
- Supporting BU to respond to and manage any incidents that arise (including reporting through the GRC portal and management of associated actions)
- Assisting BUs with requirements of the third-party risk management framework
- Leading BAU and project/initiative risk assessments; and
- Facilitating regulatory and internal audits as required.
Skills & Experience
- Experienced in the application of 1st line risk management, compliance and internal audit frameworks (preferably for 4+ years)
- Ability to deliver multiple initiatives/projects simultaneously and autonomously with a sense of urgency
- Polished written and oral communicator across management and executive levels of the organisation
- Strong proficiency in MS Office Suite incl. Visio
- Proficiency in using GRC systems; and
- Tertiary qualifications in commerce supported by appropriate post-graduate qualifications and/or industry accreditation/certification.
- Experienced gained in a technology and data driven firm
- Initiative shown in making decisions in order to complete tasks
- Co-operation with team members
- Relationships with internal and external stakeholders
- Taking on feedback and seeking self-improvement
- Assist outside normal duties when needed
- Adapting to change
Quality of Work
- Attention to detail
- Written/communication skills
- Ability and expertise in getting things done
- Open to challenge
- Continues to 'get on with it' despite change and uncertainty