Enterprise Risk Management Expert

Purpose of Job

Jobholders at this level are responsible for leading work activities and working autonomously with minor direction towards predetermined long-term objectives. Jobholders might act as internal consultants and facilitators through providing guidance to deliver and perform operational activities. Their main operational role includes participating in developing corporate risk management strategy and policies, guiding development of resilience plan and mitigation plan ensuring effective and needed actions, advising on updating ZATCA’s risk appetite, assisting in the delivery of world-class level Enterprise Risk Management training sessions and helping in the development of team members’ risk related competencies, as well as providing needed advice for strategic decisions.

Job Resposiblites

Risk Assessment

• Follow on the latest ERP topics, models, systems and best practices to recommend updated in risk assessment methodologies, tools and techniques
• Review ZATCA’s business model and analyze risk appetite levels and embed control criteria into the organization functional activities to ensure alignment with ZATCA’s strategy and management directions
• Conduct risk assessment to evaluate current operational risks resulting from human errors, weak systems, business processes, procedures, etc. and highlight emerging risks
• Review and validate identified corporate risks, incorporate mitigation plan into sectors’ and divisions’ operational plans and communicate with relevant business units to limit occurrence
• Assess and analyze emerging risks, conduct relevant risk assessments to update registers and develop response plans to ensure that business areas have a suitable mitigation strategy in place
• Consolidate and categorize risks, develop risk factors and KPIs for each sector and update SAS system and related database accordingly
• Prioritize risks and develop corporate risk heatmap according to risk assessment results and ensure communication with business units to facilitate the development of response plans
  
  
  

Risk Control

• Develop dashboard to follow on Key Risk Indicators and high risks to ensure the accurate and timely spotting of identified exposures
• Implement risk mitigation protocols and track risk related metrics including operational, financial, fraud and information security risks based on precedents and best practices
• Review and update mitigation plan to include newly identified risks’ response and cascade to concerned functions for implementation
• Perform quarterly risk and control re-assessment studies to identify new risks, re-evaluate outstanding ones and recommend improvements to the risk structure
• Conduct awareness and training sessions to cultivate a risk control culture and foster risk awareness in the organization and provide guidance over corporate risks and ERP risk framework
• Review and analyze ZATCA’s risk management activities and update the Risk Maturity Model to measure the effectiveness of risk management program and develop reports highlighting improvement actions
  
  
  

Reporting

• Develop periodic reports highlighting corporate risks by intensity and severity to the board of directors and relevant committees to support decision making in strategic areas
  
  
  

Organization and Operations

• Follow all relevant policies, processes and standard operating procedures so that work is carried out in a controlled and consistent manner
• Help in solving escalated problems and provide needed support for junior team to ensure work is carried out in an efficient manner
• Escalate complex problems to the relevant person to ensure cases/issues are closed properly
• Perform other duties as requested
  
  
  

People Management

• Train junior staff on the different job activities to ensure transfer of know-how, when applicable
• Provide clear direction, prioritize tasks, assign and delegate responsibility, and monitor the workflow of subordinates/ junior staff
• Support junior staff or direct reports in order to execute their duties according to set policies and processes
  
  
  

Job Details

Communication and Contacs

Eductaion

• Bachelor’s degree in Risk Management, or equivalent is required
• Master’s degree in Business Administration, or equivalent is preferred
  
  
  

Experience

A minimum of 5 years of relevant experience

Competencies

Policy Making - Proficient

Communication - Developing

Fact Based Recommendations - Advanced

Professionalism - Proficient

Data Analytics - Proficient

Enterprise Risk Management - Advanced

Results Oriented - Proficient

Corporate Governance and Compliance - Advanced

Customer Focus - Proficient

Change Enabler - Developing