- The appointed resource is required to assist in developing the required frameworks, and risk registers including the overall strategic risk, capacity development and mentoring of the IPG Team as well as the establishment of an effective risk management function.
- The outcome will be the establishment of an effective enterprise risk management solution to achieve the strategic outcomes.
- 4.3 A consolidated report containing the following must be prepared:
- 4.3.1 Review of current risk policy, practice and prevailing risk culture using a defined risk model;
- 4.3.2 Assessment of the current risk registers and definition of strategic risks;
- 4.3.3 Assessment of risk categories and reporting matrices for improvement including
- 4.3.4 Developmental support to the ARC and management regarding current
- 4.3.5 A diagnosis of issues affecting the performance of clientss ERM function;
- 4.3.6 Considerations for the maturity of clients ERM function going forward;
- 4.3.7 Required changes to the strategic risk register for FY 2024/25; and
- 4.3.8 Development and monitoring of the implementation of the operational risk register for 2025/26.
- The following policy documents must be updated and/or drafted: To be drafted/updated:
- 4.4.1 Review the risk appetite and tolerance framework;
- 4.4.2 Review Combined assurance framework;
- 4.4.3 Review Delegation of authority framework;
- 4.4.4 Review Project Risk Management framework;
- 4.4.5 Business continuity framework;
- 4.4.6 Develop and implement compliance and governance framework and policies;
- 4.4.7 Conduct fraud awareness campaigns to staff members;
- 4.4.8 Assist with the requirements of the POPIA as and when required;
- 4.4.9 Support and advise on the implementation of the following;
- 4.4.10 Refine the ERM framework, policy, and strategy;
- 4.4.11 Business Continuity; (in process);
- 4.4.12 Anti-fraud and corruption policy;
- 4.4.13 Disaster recovery plan;
- 4.4.14 Case management framework;
- 4.4.15 Internal control framework;
- 4.4.16 Management of losses and claims;
- 4.4.17 Clients policies and processes framework; and
- 4.4.18 Review and update the risk policy, standards, and framework to mitigate
- Risk registers must be updated:
- 4.5.1 Revise the strategic risk register for FY 2024/25 and identification of gaps;
- 4.5.2 Alignment of clients strategic risk register according to the planning for the upcoming FY 2025/26 in accordance with the overall clients Strategy and
- 4.5.3 Advise clients ERM team on the maintenance of strategic risk
- 4.5.4 Consultation and assistance to business unit Risk Owners and Risk Champions in
and
- 4.5.5 Assist with the definition of strategic risks versus business unit operational risks.
- An ERM function must be firmly established:
- 4.6.1 Facilitating a process to clearly define the risk appetite and tolerance of Risk by reviewing the status of enterprise risks;
- 4.6.2 Best in practice recommendations to on the overall ERM function and activities;
- 4.6.3 Implement and communicate risk reporting structures and roll out; and
- 4.6.4 Evaluate the risk maturity and culture and provide recommendations
- 4.7 Capacity development and mentoring:
- 4.7.1 Provide workshops/risk training interventions to the risk owners, management, and the Risk Management Committee; and
- 4.7.2 Provide on-going mentoring support to the Team.
- A minimum of 10 years experience in risk management.
- Risk Management/ Auditing qualification or MBA.
- Demonstrate ability to engage Executive Management (EXCO), Audit and Risk Committee (ARC) and the Board.
- Must have an Enterprise Risk Management Certificate.
- Must be a member of the Institute of Risk Management South Africa (IRMSA) attached registration and confirmation certificate.
