Purpose
The purpose of the position is to develop and maintain the information technology (IT) risk and compliance frameworks, policies, processes, and procedures through the implementation of best practices and approved IT governance frameworks. The role is also responsible for monitoring compliance with IT security policies and their alignment with the Scheme's business objectives; monitoring IT disaster recovery plans and their execution, and their alignment with the Scheme's business continuity plans; and working with the risk management and internal audit units to monitor the IT internal control system.
Duties & Responsibilities
Responsibilities
- Policy Management - Developing, updating, and implementing IT governance policies and procedures that align with organizational goals, industry regulations, and best practices.
- Compliance Management - Ensuring that the organization complies with relevant regulations, standards, and frameworks such as POPI, ISO 27001, NIST, etc., by regularly assessing and monitoring adherence to policies and procedures.
- Risk Management - Identifying, assessing, and mitigating IT-related risks that could impact the security, integrity, and availability of organizational data and systems.
- Audit and Assessments - Conducting regular audits and assessments to evaluate the effectiveness of IT governance processes and controls and making recommendations for improvements as needed.
- Incident Response Management - Developing and implementing incident response plans to address cybersecurity incidents, data breaches, and other IT-related emergencies in a timely and effective manner.
- Training and Awareness - Providing training and awareness programs to educate employees about IT governance policies, procedures, and best practices, and ensuring that they understand their roles and responsibilities in maintaining compliance and security.
- Vendor Management - Managing relationships with third-party vendors and service providers to ensure that they adhere to the organization's IT governance standards and requirements.
- Continuous Improvement - Continuously monitoring and evaluating the effectiveness of IT governance processes and controls and implementing improvements to enhance overall governance maturity and effectiveness.
Desired Experience & Qualification
Requirements
- A minimum of 5 years’ experience in IT auditing or ICT governance, risk, and compliance
- Grade 12
- Certification in any of the following is essential: CISA, CISM, CRISC, CGEIT or CISSP / COBIT Training
Package & Remuneration
R Highly Negotiable