Purpose of the Function
The Information Risk Management (IRM) resides within the Non-Financial Risk domain. You will hierarchically report to the Head of NFR.
Within the Non-Financial Risk domain, IRM has a responsibility for the development and maintenance of the non-financial risk management framework - especially policy setting and advisory - with a focus on Information (Technology) Risks and Continuity Risks.
It is also responsible to provide direct IRM and BCM support to ING Corporate Information Management.IRM focuses on the Information (Technology) Risk and Continuity Risk :
Information Technology (IT) concerns managing Information (Technology) Risks within IT Governance, IT Management and IT Security;
Operational Resilience concerns measures to ensure Availability of Business Services;
Information Management concerns managing Information (Technology) Risks within the lifecycle of information and use of information to the benefit of the stakeholders.
Continuity Risk is the risk of financial loss, regulatory sanctions or reputational damage due to business disruptions (loss of people, processes, systems, data, premises) caused by severe events (e.
g. natural disasters, infectious diseases, power outages, terrorism).
IRM is in charge of ensuring that Business Continuity Plans are available to identify the critical processes and describe the corrective measures and resources necessary in case a business is disrupted and cannot be resumed within the normal environment.
It is also in charge of the Disaster Recovery Plans to recover the time critical business processes or value chains and describes all ICT measures necessary to support these requirements.
Support the Head of NFR and BCM of ING Bank N.V. Manila Branch with research, fact finding, collecting evidence and documenting activities;
Contribute to the development and maintenance of IRM Strategy, Framework, Policies, Minimum Standards, Procedures, Methods and Techniques;
Support the functional oversight of the global IRM / BCM community by means of Quality Assurance reviews;
Be a trusted IRM-BCM advisor towards business and NFR risk specialists;
Participate in, challenge and periodically report upon the risks of key strategic (IT / BCM) programs and projects;
Participate and challenge in risk assessments on specific Operational Risk or Information Risk projects and programs.
Support strategic and ad-hoc risk analyses, risk papers and risk reports with fact finding, research and documenting activities;
Supports the identification of the impact of and the coordination of responses to law and regulatory changes, ECB reports, etc.
and monitors the follow-up of the regulatory issue solving.
Contribute to the development and maintenance of a curriculum and training programme, and to training of the IRM-BCM community.
Experience / Competencies
You have IT background and knowledge.
You are a practitioner in the field of Information (Technology) / Business Continuity Risk Management, possessing knowledge of IRM, BCM and IT processes.
You are able to deal with and advise on standard matters that are a major concern to lower level management of ING Bank.
You are a trusted IRM advisor, who directs, advises and supports the identification, analysis and mitigation by business of risks that result from inadequate security of information (supporting business applications, IT processes, databases and supporting infrastructure), with the aim of assuring reliability of information, integrity and the availability of systems.
You challenge and monitor IT and Continuity risk management processes and quality.