Responsibilities
Core Governance & Framework Development
- ERM Frameworks: Design, implement, and maintain the Enterprise Risk Management framework tailored to the company's specific industry (e.g., tech, manufacturing, retail).
- Risk Appetite: Define and update the company's risk appetite statements and risk tolerance levels alongside senior leadership.
- Policy Ownership: Establish clear risk management policies, procedures, and governance structures across all business units.
Risk Identification & Assessment
- Risk Registers: Maintain and update the corporate risk register by continuously identifying emerging risks (e.g., cyber threats, geopolitical shifts, climate change).
- Risk Assessments: Facilitate regular risk assessment workshops with department heads to evaluate risk likelihood and financial or operational impact.
- Scenario Planning: Conduct scenario analysis and stress testing for major business disruptions, such as supply chain failures or data breaches.
Mitigation & Monitoring
- Action Plans: Collaborate with risk owners to develop, track, and validate effective risk mitigation strategies and internal controls.
- Key Risk Indicators: Define and monitor Key Risk Indicators (KRIs) to serve as early warning systems for escalating risks.
- Business Continuity: Partner with operations teams to align ERM with Business Continuity Planning (BCP) and Disaster Recovery (DR) programs.
Reporting & Communication
- Executive Reporting: Prepare high-quality risk reports and dashboards for the Audit Committee, Board of Directors, and C-suite executives.
- Risk Culture: Cultivate a risk-aware culture across the organization through targeted training and awareness programs.
- Cross-Functional Advisory: Act as an internal consultant to business units, providing risk insights for new product launches, market expansions, or major capital investments.
Requirements
- Bachelor's degree holder from a globally recognised university
- At least 15 years of experience, with solid exposure in enterprise risk management gained from commercial companies
- Open for candidates from Big 4 risk advisory (non-FS)
- Excellent command of English
