Enterprise Risk Management Lead Specialist

Jobholders at this level are experienced professionals capable of conducting work with general directions. They are primarily concerned with developing solutions to challenges which require some analysis to understand and resolve, and addressing issues escalated from junior levels. They undertake complex operational activities including developing organizational resilience plan and effective mitigation plan, participating in the development of needed documentations including governance policies and processes in addition to risk appetite documents, participating in delivering high quality Enterprise risk management training sessions to help in developing other team members in risk related competencies, coordinating with related internal stakeholders to prepare and monitor the needed execution plan to handle identified corporate risks and business continuity and update accordingly ZATCAâ??s risk appetite, analysing reports and data and accordingly developing related reports highlighting key outputs and recommendations.

Job Responsibilities

Risk Assessment

• Follow on the latest ERP topics, models, systems and best practices to recommend updated in risk assessment methodologies, tools and techniques
• Review ZATCA’s business model and analyze risk appetite levels and embed control criteria into the organization functional activities to ensure alignment with ZATCA’s strategy and management directions
• Conduct risk assessment to evaluate current operational risks resulting from human errors, weak systems, business processes, procedures, etc. and highlight emerging risks
• Review and validate identified corporate risks, incorporate mitigation plan into sectors’ and divisions’ operational plans and communicate with relevant business units to limit occurrence
• Assess and analyze emerging risks, conduct relevant risk assessments to update registers and develop response plans to ensure that business areas have a suitable mitigation strategy in place
• Consolidate and categorize risks, develop risk factors and KPIs for each sector and update SAS system and related database accordingly
• Prioritize risks and develop corporate risk heatmap according to risk assessment results and ensure communication with business units to facilitate the development of response plans

Risk Control

• Develop dashboard to follow on Key Risk Indicators and high risks to ensure the accurate and timely spotting of identified exposures
• Implement risk mitigation protocols and track risk related metrics including operational, financial, fraud and information security risks based on precedents and best practices
• Review and update mitigation plan to include newly identified risks’ response and cascade to concerned functions for implementation
• Perform quarterly risk and control re-assessment studies to identify new risks, re-evaluate outstanding ones and recommend improvements to the risk structure
• Conduct awareness and training sessions to cultivate a risk control culture and foster risk awareness in the organization and provide guidance over corporate risks and ERP risk framework
• Review and analyze ZATCA’s risk management activities and update the Risk Maturity Model to measure the effectiveness of risk management program and develop reports highlighting improvement actions

Reporting

• Develop periodic reports highlighting corporate risks by intensity and severity to the board of directors and relevant committees to support decision making in strategic areas

Organization and Operations

• Follow all relevant policies, processes and standard operating procedures so that work is carried out in a controlled and consistent manner
• Help in solving escalated problems and provide needed support for junior team to ensure work is carried out in an efficient manner
• Escalate complex problems to the relevant person to ensure cases/issues are closed properly
• Perform other duties as requested

People Management

• Train junior staff on the different job activities to ensure transfer of know-how, when applicable
• Provide clear direction, prioritize tasks, assign and delegate responsibility, and monitor the workflow of subordinates/ junior staff
• Support junior staff or direct reports in order to execute their duties according to set policies and processes

Education

Bachelor’s degree in Risk Management, or equivalent is required

Experience

A minimum of 4 years of relevant experience