The newest purely-digital bank in the Philippines.
• Responsible for establishing and implementing IT Risk Management strategies and framework of the Bank.
• Regular review and updating of IT Risk policies, procedures, and guidelines.
• Ensure that business growth is balanced with sound IT risk management.
• Responsible for working with the CRO to enable the business to understand the risk/return relationship that affects each channel, introducer, and product line at the same time proactively and co-operatively work with the risk team and the business to develop strategic direction and achievement of long-term objectives.
• Recommend to the Board of Directors and Senior Management appropriate policies and procedures relating to IT risk management and controls.
• Design and implement the Bank’s IT risk assessment methodology, tools, and risk reporting system.
• Coordinate IT risk management activities across the organization.
• Consolidate all relevant IT risk information/reports to be elevated/presented to the Board and Senior Management.
• Provide IT risk management training and advice to business and functional units on IT risk management issues.
• Coordinate with Operational Risk, Compliance, Internal and External Audit, Legal, and other relevant units on IT risk matters.
• Review IT risk impact of new products and processes initiated by other units.
• Review newly formulated policies and ensure that all IT risks are adequately mitigated.
• Recommends policy or procedural changes in light of analyzed trends and systematic problems from IT risk exposures.
• Liaises with other units of the Bank on their IT risk management plans and practices involving policies and procedures.
• Supervises the development of training materials/risk awareness programs (e.g. e-learning modules, broadcast materials, focus group discussions, training and seminars) to institutionalize a risk-conscious environment.
• Represent IT Risk in varying capacities and purposes, to management committees of the Bank
• Update annual for IT risk write-up (e.g., ICAAP and Annual Report)
• Performs other tasks and special projects as may be assigned by the CRO.
• Manage the day-to-day operations of the Division.
• Echo Senior Management, CRO, and Board directions to IT Risk Management.
• Motivate the team and manage their expectations.