The primary responsibilities are to:
Assist in managing new GRC program initiatives:
- Assist in the launch of risk management program initiatives through communication and coordination with various stakeholders in the bank (1st and 2nd lines of defense).
- Hold walkthrough sessions with key stakeholders to gain an understanding of the current process as well as the future state methodology, process flow and reporting for risk identification, assessment, monitoring and remediation.
- Discuss draft design approach and deployment plan with key stakeholders for review, feedback and approval.
- Escalate challenges in implementation and propose solutions for harmonization and successful delivery.
Write business requirements:
- Enhance methodology documents with sufficient information to enable full understanding of business needs and to write user stories. This will require proficiency in interviewing skills, workflow analysis, dataflow diagramming, and sometimes screen design, etc.
- Write full blown user stories and acceptance criteria for each of the core workstreams (risk assessment, control monitoring and metrics automation) .
- Review user stories with the development team for completeness, to increase clarity as well as reducing assumptions and future issues, etc.
- Clarify any questions from the development team and update the user stories accordingly.
Ensure quality and consistency of data and reporting:
- Promote GRC vision to all stakeholders reinforcing the need for harmonization of taxonomy, process and methodology as well as aggregation and reporting ability.
- Work closely with the RISQ and technology teams to identify data quality & reporting issues.
- Coordinate enhancement of data accuracy, integrity, timeliness and adaptability across all key stakeholders and create monitoring controls to prevent reoccurrence.