Compliance Manager: ROLE PURPOSE: Manage the implementation and enforcement of the IT Compliance Management Framework within the department. Build and maintain strategic partnership with the Bank's Internal Audit as well as respective IT process owners to ensure conformance to IT and bank-wide compliance requirements. PRINCIPAL ACCOUNTABILITIES Lead the development, review and update of the IT Compliance Framework and related programs that can be built into the IT daily operations to ensure continuous compliance and inculcate a compliance culture across the department. Manage the development, documentation and dissemination of internal control policies, standards, guidelines and procedures necessary for compliance with statutory requirements, internal Bank's policies and standards, and international standards. Ensure department's compliance against statutory requirements, internal Bank's policies and standards, and international standards. Escalate any gaps identified on a timely basis to JIT management for identification of issue owner and proposal of corrective actions. Lead the communication with staff on changes in policies, standards, guidelines and procedures applicable to IT operations and services. Provide advice to JIT management on any matters related to IT audit and compliance. Serve as the main liaison officer among IT process owners and Internal / External Audit for matters relating to compliance policies and processes. Work with Section Heads and Unit Heads to direct corrective actions to compliance findings by internal and external auditors and report the status to the Director. Lead the unit in the preparation of compliance checks plan and manage periodic compliance checks and audits of transactions and or procedures to monitor the effectiveness of the controls based on internal policies, or work with third party auditors for completion of the audits. Provide executive summary based on analysis of evidences and support remediation activities against corrective actions as per agreed by management. Lead the benchmarking of compliance maturity level of the department against established audit/compliance framework and present the findings to JIT management. Analyse, group and correlate control weaknesses and recommend appropriate corrective actions based on selected domains or themes. QUALIFICATION / EXPERIENCE : Academic qualifications: Degree or professional qualification in Information Technology or its equivalent. Excellent command of verbal and written communication skills in English and Bahasa Malaysia Experience: More than 5 years experience in IT compliance and audit. Having related professional IT audit certifications (CISA, CISM, CGEIT, COBIT, CRISC, ISO27001 Lead Auditor) or being a member of the International Register of Certificated Auditors (IRCA) will be an added advantage. CRITICAL SUCCESS FACTORS : Understanding of applicable laws, regulations, policies, standard operating procedures, best practices of Compliance on Technology and Information Security Able to lead a team of compliance officers effectively. Excellent working relationships with stakeholders Proactive, resourceful and resilient in managing demands of the work environment. Excellent verbal and written communication skills Strong analytical, problem solving and decision-making capabilities. CHALLENGES Understanding the IT business and varying stakeholders' expectations to better facilitate the compliance monitoring Multi tasking with strict performance targets and timelines High degree of integrity, accountability, flexibility and creativity Keeping abreast with new regulatory developments, policies and procedures in the financial services industry Regular interaction with service owners and management
