ICT Risk & Projects Officer
Responsible for maintaining acceptable levels of ICT Risk, executing and overseeing implementation projects to continuously keep the ICT department prepared and in line with audit and corporate governance expectations, and applicable legislation. Effecting ICT Risk mitigation strategies based on contemporary research, best practice principles and best of breed solutions. Participating and facilitating information collation and flow for the ICT team year-round and through audit engagements, practical effectiveness through managing sub-projects, working with all stakeholders through to successful implementation, and sustained adoption.
Minimum Qualifications
- Tertiary Qualification (NQF Level 7) with Business Administration and ICT as majors
- CISA, CGEIT, cORCM and Prince 2 Certification in Project Management
Strategy and Operational Plan Implementation
Develop operational plan that delivers on the ICT strategic plan.
Monitor team performance against strategic and operational objectives.
Report on project progress against deliverables.
Management of all compliance with applicable legislation as amended from time to time.
Ownership of ICT Maturity assessments and formulating roadmaps, guiding ICT department to move key deliverables into matured states.
Leading initiatives such as data classifications, POPIA compliance.
Management of Governance and Compliance
Ensure that each ICT area has agreed KPIs that are aligned to the ICT strategic objectives and ICT operational plan.
Continuously monitor performance and actions of the ICT department are aligned to supporting key business objectives.
Manage roles in the department ensuring that they remain up to date covering all new developments in the governance and security space.
Maintain ICT services schedule of providers, systems, assets, etc. for renewal.
Ongoing engagement with all ICT team members to sustain the required generating and flow of reporting information for management, audit, and governance reporting purposes to ensure compliance.
Manage project and expenditure budgets for Risk mitigation and audit objective implementations, ensuring tight budgetary control.
Manage project and operational expenditure for specialist area through control of invoices through signoff procedures.
Manage compliance with procurement policy, processes and systems.
Provide project management office oversight focused on ICT department’s risk mitigation and implementations of audit recommendations, governance and compliance initiatives, and provide assistance to other business projects where capacity and or criticality.
Project management functions including liaison with stakeholders, scoping and detailing work breakdown structures, costing and resource estimation and scheduling, monitoring progress, intervention and assistance, alleviating deadlocks, feedback to stakeholders.
Provide procurement input and oversight to the ICT team to ensure their compliance with all Fund purchasing policies and practices.
Governance and Compliance
Monitor the Fund’s use of ICT resources to advance delivery of Fund strategy ensuring compliance in achieving organisational, audit, governance and legislative directives.
Develop, implement and or mature ICT structures, policies, procedures and documentation, in conjunction with emerging trends and technology, audit recommendations and governance requirements to ensure compliance objectives are met.
Develop and manage the ICT rights and accountability framework to reinforce desirable behaviour in the use of ICT infrastructure.
Promote ethical conduct and compliance with Fund policy, rules and processes that guide the use of ICT resources.
Manage real-time monitoring, and ensure corrective action where appropriate, to ensure desired behaviour in the use of ICT infrastructure and systems.
Ensure that the Fund conducts its business in full compliance with national and international laws and standards for financial services sector.
Controls and Mitigations
Assist in creation of true and accurate system change controls requests for execution by the respective ICT team members, and perform post implementation validation.
Perform user system access reviews, liaise with business units for approvals, identifying any gaps and seeing through to resolution.
Manage the monitoring and controlling access to confidential information through assignment of uniquely identifiable accounts and user rights authorisations for non-repudiation.
Manage the safe transmission of data through secure internet gateways and encryption of electronic data.
Manage the secure storage and disposal of data through assigning responsibility for ongoing storage and disposal of data in accordance with policy, procedures, protocols and sector best practice.
Management of personnel security through implementation of “need to know” principle and applicable policies and legislation as well as confidentiality agreements.
Management of physical security through the use of access control, security surveillance and alarm systems as well as secure storage for data.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
