Risk Policy and Internal Controls Manager

The role

The Risk Policy and Internal Control Manger will report to the Head of Risk Policy and Culture whilst working along side the IRG Leadership and senior stakeholders to design, implement and oversee a firm wide framework covering policy, standards and Internal Controls. This role will work cross-functionally, providing guidance and support to ensure policies and standards are developed to a common framework and Internal Controls are developed that can be tested to provide assurance.

In addition, this role will develop and implement the governance routines required to ensure the frameworks and resulting outputs (policies, standards and controls) are implemented, reviewed and periodically updated. 

MAIN DUTIES AND RESPONSIBILITIES

• Ownership for developing the framework covering policy, minimum standards and Internal control.
• Creation of templates, guidance and support for Policy and minimum standard creation, aligned to the firm’s stated risk appetite.
• Develop and implement an Internal Controls register for the firm, working collaboratively across the business with functional control owners, Internal Controls Leads and with Risk & Resilience, ensuring controls are captured, documented and available for periodic testing.
• Implement a process and governance for the review and approval of policies on a continuous basis,
• Develop the approach for roll out of new policies across all groups, countries, and departments. 
• Engage with Risk Culture & Awareness to align scheduling ensuring policies and standards are followed through education and awareness interventions. 
• Working with policy owners and SMEs across the firm to ensure a standardised approach to all policies, reflecting the firm’s agreed risk appetite. 
• Develop and implement the approach to minimum standards, which translate the risk appetite and policies into actionable requirements for business units.
• Working with policy owners and SMEs across the firm to ensure a standardised development of minimum standards.
• Design the approach and calendar for creating, implementing and enhancing internal control processes, including a risk and control self-assessment (RCSA) and assurance reporting process to accountable leaders.
• Collaborate with Risk & Resilience & Internal Audit to ensure mitigating controls and systems are accurately recorded and updated in the Firm’s risk register(s).
• Ensure a methodical approach and taxonomy to develop the capture of controls including; control objectives, risks, testing plans, testing results, conclusions and recommendations.
• Provide insights and reporting to key committees on the status of policy, standards and controls.

ABOUT YOU

• Experience of working in a risk, control, assurance or governance role in a legal, professional services or corporate environment.
• Demonstrable knowledge and understanding of how to roll out policy frameworks and terminology.
• Demonstrable experience of delivering continuous improvement in growth environments.
• Excellent communication skills, both written and verbal, and can evidence the management of team or departmental communications to drive wider awareness and knowledge sharing.
• Experience of working effectively with cross-functional areas within a matrix structure.
• Can engage and influence remotely-based colleagues without consistent face-to-face contact.
• Be a self-starter who is able to work on their own initiative as well as being part of a team.
• Has the ability to influence a diverse stakeholder group across international locations.
• Possesses a high level of commercial acumen and analytical skills.
• Is comfortable operating in ambiguous situations, demonstrating a flexible and collaborative working style.
• High level of professionalism and personal accountability. 
• Exceptional organisational skills and the ability to manage multiple priorities to deadlines and high quality outputs.