(Land Bank) is South Africa’s only specialist agricultural bank established in 1912, the bank’s sole objective is to serve South African commercial and emerging farmers and bring specially designed financial services within their reach. These services enable farmers to finance land, equipment, improve assets and obtain production credit. The Land Bank provides financial services that have moved with the times and continues to provide services to agri-business and constantly reviews its offerings to ensure that they match the needs of an industry. As change has swept across the sector in South Africa the socio-economic makeup of agriculture has altered, bringing new entrants from historically disadvantaged backgrounds on to the land, these new farmers, facing the challenges of establishing sustainable agri-businesses across the agricultural value chain, Land Bank has been a commercial lifeline offering appropriately designed financial products that facilitate personal and commercial viability in a sector that is vital to the sustainability of South Africa and its people. MAIN PURPOSE OF THE JOB To establish and manage appropriate Operational risk management principles within the IT and DATA management Developing and managing all operational risk management procures, processes and systems, Developing and managing all operational risk policies, and processes in line with the strategic objectives of the corporate plan of Land Bank. The incumbent is responsible for setting the approach in Identifying, Assessing, Managing and Reporting in respect of the Operational Risk Framework.
Key Performance Areas
1. Lead design of Integrated Operational Risk Management framework and IT & DATA management
Design, develop, implement and integration of an Operational Risk Framework and operational risk policies
Drive and integrate the operational by ensuring ERM maturity and risk culture is embedded in the Bank
Create operational risk training & awareness within the organisation to entrench a formal risk management approach
Co-ordinate all risk champions throughout the organisation
Ensure alignment between strategic objectives and operational risk measures
Lead and co-ordinate development of the action plans by various Business units review all and test if they are adequate to mitigate the operational risks
Implement operational risk tools to ensure improvement of quality service delivery and quantified operational risks
2. Develop Risk Appetite Framework (RAF) and risk indicators (KRIs) and operational risk framework for overall operational risks function
Develop and track insightful Key Risk Indicators (KRIs).
Develop and implement sound operational risk management framework that aligns with regulations and standards.
Assess the IT & DATA strategy; IT & DATA policies; Frameworks; and procedures and identify gaps with suggested controls
Ensure application of various frameworks (e.g. COBIT, ISO, etc.)
Implementation of IT and DATA controls in alignment with risk, legislative and regulatory requirements, and industry trends
3. Track and monitor all operational risks registers and incident management and controls
Develop, monitor and report on IT risk metrics and IT and DATA performance indicators
Develop an IT risk profile in alignment with the approved Risk Management framework and process
Maintain a meticulous inventory of operational risk events and incidences
Assist the IT information and DATA management function with the development and maintenance of incident and risk response plan
4. Lead implementation of proactive IT and DATA management processes, procedures and governance
Continuously analyse the effectiveness of IT and Information Security controls
Ensure visibility of audit and risks by escalating to the relevant committees
Ensure IT disaster recovery and business continuity initiatives, and testing is conducted by the BCM teams and tracked by operational risks
Oversee and evaluate compliance with regulatory requirements and practices to ensure that IT-related activities adhere to required standards
Work with IT Governance and compliance to ensure the organizations IT practices meet all applicable legal and regulatory requirements
Help support the IT and DATA division to ensure timely and accurate reporting to all regulatory bodies as scheduled,
Develop innovative strategies to prevent, detect, and respond to fraudulent activities.
Lead the charge on fraud risk management initiatives.
5. Manage other key operational risks on cyber security and data breaches, restricted access controls measures
Review and prepare response plans to cyber security incidents and information breaches
Ensure maintenance of accurate and up-to-date documentation on IT and DATA activities
Establish processes for continuous monitoring and reporting on compliance and risk management activities
Conduct periodical internal operational risk assessments on IT division
6. Manage stakeholder relationships (Exco / Board / Board sub committees; Operational Risk and Process Risk but not limited to these committees)
Timely escalation of operational incidents and risks on daily basis
Set-up meetings with the role players to discuss the roles and responsibilities and possible areas of cooperation, improvement and conflict management
Obtain mutual agreement on the resolution of issues, meetings required and the delivery of inter-dependent outputs and results
Agree to the expected outcomes from each party and set-up SLA’s where required
Monitor the performance of all relevant role players continuously to ensure that the agreements are honoured
Inform the relevant role players of the outcomes, deviations and actions required
Implement continuous follow-up to ensure that the relationship is maintained
Compile a database indicating the role players, expected outputs, contact details, type of agreements and relationships
Document the interaction with the relevant role players for future reference purposes and archive
Develop smart ways of reporting
Preferred Minimum Education and Experience
Relevant Degree in IT, Information systems, Risk Management, or related, plus certification or membership within risk
5 years Experience in Operational Risk Management in IT and DATA incident management & controls at management or (subject matter expert) level
3 years Experience in IT and DATA management processes and controls
Critical Competencies
Operation Risk Modelling (Qualitative and Quantitative)