Head of Technology Governance
About the job
1. Technology Governance Strategy & Leadership
- Define and lead the enterprise-wide technology governance strategy.
- Oversee the establishment and maintenance of IT governance frameworks aligned to business goals and risk appetite.
- Lead a team of specialists in policy development, risk governance, regulatory compliance, and technology assurance.
- Serve as the primary interface with senior stakeholders, auditors, and regulators on governance matters.
2. Policy & Standards Management
- Develop and maintain technology policies, standards, and guidelines aligned with regulatory requirements (e.g., MAS TRM, ISO 27001, NIST).
- Ensure policies remain relevant through periodic reviews, incorporating regulatory updates and emerging technology risks.
- Embed governance requirements into technology lifecycle and project management practices.
3. IT Risk & Control Oversight
- Define risk tolerances and ensure governance structures support consistent risk assessment and treatment.
- Oversee the implementation and continuous improvement of IT general controls (ITGC), including access, change, and incident management.
- Provide second-line challenge and oversight of first-line technology risk assessments and controls testing.
4. Regulatory Compliance & Audit Readiness
- Ensure compliance with applicable laws, regulations, and internal policies (e.g., MAS, GDPR, PDPA).
- Coordinate responses to internal/external audits and regulatory inspections.
- Track and report risk issues, audit findings, and remediation progress to senior management and board committees.
5. Assurance & Monitoring
- Lead ongoing compliance monitoring and assurance activities to validate adherence to policies and standards.
- Define and report on key governance and risk indicators (KGIs/KRIs) to senior stakeholders.
- Implement continuous controls monitoring and automation for real-time assurance.
6. Stakeholder Engagement & Culture Building
- Collaborate with Information Security, Risk, Legal, Compliance, and IT to promote a strong governance and risk culture.
- Drive awareness, education, and communication initiatives to embed governance accountability across technology teams.
Requirements
- Bachelor's or Master's degree in Information Technology, Information Security, Risk Management, or related field.
- 12+ years of experience in IT governance, technology risk, or audit functions, with at least 5 years in leadership.
- Strong knowledge of regulatory frameworks (e.g., MAS TRM, GDPR) and IT standards (e.g., COBIT, ISO 27001, NIST).
- Proven experience in policy management, compliance oversight, and control frameworks.
- Strong leadership, stakeholder management, and communication skills.
- Relevant certifications such as CISA, CRISC, CGEIT, CISSP, or equivalent.
Morgan McKinley Pte Ltd
Pam Lim
EA Licence No: 11C5502
EAP Registration No: R1106192