IT Governance, Risk and Compliance Specialist - Benoni, South Africa - The Recruitment Agency South Africa (TRASA)

Posted by: Thabo Mthembu (beBee Recruiter)


Description

IT Governance, Risk and Compliance Specialist

1. Job Summary
Assist in the development and implementation of IT Governance frameworks and IT controls, following an appropriate methodology approved by management that is aligned with international and financial industry standards (e.g. GOI Standards (PA), Joint Standards (PA & FSCA), COBIT, ITIL, ISO, NIST, PRINCE II, CMM, etc.).
Advise the company on best business practices, and develop and implement appropriate solutions.
Work closely with cross-functional teams to identify, assess, and mitigate risks while ensuring alignment with industry standards and regulatory requirements.


2. Key Performance Areas

  • IT Governance Frameworks
  • IT Risk Management Audit
  • IT Compliance
  • Incident and Response Management
  • Documentation and Reporting
  • Security Architecture and Implementation
  • Ad hoc

3. Key Tasks (By KPA for clarity)
IT Governance Frameworks

  • Assist in the implementation of IT Governance, Risk and Compliance solutions in line with the Affinity Life Limited approved policies and frameworks.
  • Assist in the development and implementation of IT Governance, Risk Management and Compliance policies, processes, procedures, and IT controls training materials to keep IT colleagues informed of relevant industry, legislative and regulatory requirements, and changes.
  • Development and implementation of IT Governance Frameworks, IT Controls, recommendations from various assessments and action plans, following an appropriate methodology approved by management that is aligned with international and financial industry standards (e.g. GOI Standards (PA), Joint Standards (PA & FSCA), COBIT, ITIL, ISO, NIST, PRINCE II, CMM, etc.).
  • Support the development of policies, processes, and procedures for the IT Division.
  • Develop, implement, and monitor reporting mechanisms for IT Governance, Risk Management, and Audit, to support compliance and highlight areas of exposure to management.
  • Assist in the maintenance of IT alignment activities, including report submissions, across various governance committees and structures.
  • This includes control document reviews, meeting coordination, assessment, finding mediation, assisting control owners with remediation plan development, tracking findings through remediation, progress monitoring, reporting, and escalation.
  • Assess the current adequacy of the business continuity / disaster recovery plans, in conjunction with Risk Management, and potential threats to the systems, and then calculate the impact of potential adverse events.
  • Participate in the development, adoption, and compliance of the IT governance framework across all areas of the business.
  • Perform design and process analysis for IT business processes that impact IT Governance.
  • Facilitate adoption and continuous improvement of planning practices and processes within IT and the business as a whole.

IT Risk Management Audit

  • Act as a risk and compliance champion for the IT Division.
  • Maintain and monitor the IT risk framework to ensure it is aligned with the Affinity Life Limited approved enterprise risk management framework.
  • Maintain the IT Risk Register in collaboration with enterprise risk management, and drive implementation of mitigation controls for risks through Managers and the business within defined periods.
  • Integrate cyber risk into IT Risk Management practices, processes, procedures, and activities, including reviews, Active Directory reviews, security, network and vulnerability assessments, and IT audits.
  • Facilitate disaster recovery and business continuity initiatives with relevant stakeholders.
  • Review identified security risks and breaches to ensure that IT assets and information are always appropriately secured.
  • Visibility, management, and escalation of IT risks impacting the delivery of IT services.
  • Work closely with internal clients and third parties to facilitate IT risk analysis and risk management processes, and to identify acceptable levels of residual risk.
  • Conduct IT risk assessments, analyse the effectiveness of control activities, and report on them with actionable recommendations.
  • Identify and monitor IT risks continuously.
  • Keep IT management up to date on the results.
IT Compliance

  • Monitor and review compliance with regulatory requirements and practices to ensure IT-related activities are meeting prescribed standards.
  • Management of compliance requirements to improve the company's compliance maturity with legal and regulatory requirements (such as GOI and Joint Standards, the Insurance Act, PAIA, POPIA, the ECT Act, the Cyber bill, FICA, RICA, etc.).
  • Maintain and facilitate data protection activities to ensure full compliance with POPIA and associated regulations on personally identifiable information and business-related sensitive information.
  • Act as compliance champion for the IT Division.
  • Coordinate and support internal and external compliance audits.
Incident Response and Management

  • Develop and maintain an incident response plan
