IT RISK MANAGEMENT

 


  • Develop Information Security policies, indicators/ parameters, and framework for Banks to minimize potential losses and to comply with Regulatory requirements.
  • Communicate information security policies and frameworks to all functions and ensuring adherence to them.
  • Develop information security monitoring techniques and processes/tools to ensure that the frameworks and policies are implemented to minimize losses for Banks.
  • Assess and report the Bank risk exposure related to Information Security processes.
  • Develop and manage the information security and the security team.
  • Manage, maintain, and implement the Information Security Framework across the organization.
  • Develop and maintain the enterprise information security policy and follow-up the implementation of the policy with all stakeholders across the organization.
  • Manage the information security projects.
  • Assess existing information technology network architecture and the technologies and recommend security requirements based on the information security framework.
  • Ensure the availability of technical controls, based on best of practice, to accommodate security requirements for all the technical platforms used in the organization.
  • Ensure all information assets are classified according to criticality, labeled and information owners are designated.
  • Maintain and promote the information security awareness program.
  • Provide and deploy proper technique/processes/tools to monitor and ensure remedy to the following:
      • Unauthorized access to organization's network.
      • Non-compliance with the organization security policy and controls.
      • External penetration testing to assess risks and identify vulnerabilities.
    • Internal vulnerability assessment on critical information security assets.
  • Implement and maintain the security incident response process and follow-up security incidents to completion.