Job Purpose
• Organize and implement tasks to ensure compliance in the technology sector with regulations of State agencies, regulations of the Bank and international standards on technology applied at the Bank.
• Participate in identifying, managing and coordinating with departments to propose appropriate measures to prevent and minimize risks that may occur in the technology sector.
• Manage weaknesses and risks in technology operations in the IT sector.
Key Accountabilities (1)
Technology Risk Management
• Perform the department&039;s work in accordance with policies, regulations, procedures, internal guidelines... and service quality commitments (SLAs).
• Develop and organize the implementation of documents and risk indicators to detect and manage potential risks in the technology sector of Techcombank.
• Organize and implement risk assessments:
+ Advise and warn about potential risks, weaknesses, and risks of technology systems.
+ Take charge of conducting technology risk assessments; Organize self- assessment of risks in departments of the IT Sector; Participate in technology projects to detect risks, weaknesses, and risks in technology activities.
• Receive and manage newly arising risks:
+ Record and manage identified risk points.
+ Coordinate with relevant parties to handle risk items in accordance with the process (assess risk level, identify risk owners, handling plans, etc.).
• Monitor and periodically report on the status of handling technology risks to the Board of Directors of the Technology Block and related units:
+ Periodically report on the status of handling technology risks.
+ Warn, monitor, check (results, evidence) and update the status of handling technology risks.
+ Chair meetings on risk handling.
+ Collect and report KRIs.
• Coordinate with Operational Risk to deploy operational risk management tools in the IT sector at the Technology Block.
• Communicate to raise users&039; awareness of technology risks (design courses, implement communication messages on technology risks).
Compliance management:
• Organize compliance assessments in the technology field at headquarters, main/backup data centers, main/backup data transfer centers according to issued documents.
• Organize assessment of compliance status and organize implementation to ensure compliance with new regulations of State agencies in the technology field.
• Organize planning and conduct periodic or ad hoc compliance assessments as required by the Leadership for technology activities to ensure compliance with the Bank&039;s policies, regulations, and technology processes (in the field of operating technology systems, developing technology solutions and applications, ensuring information security, etc.).
• Conduct assessments and monitor the maintenance of technology certificates applied at Techcombank.
• Manage non- compliance points and corrective and preventive actions in the technology field; Prepare periodic and ad hoc reports on non- compliance points and corrective status to management levels.
• Develop regulations, processes, and checklists for technology compliance assessment at Techcombank.
• Conduct training, communication, and raise awareness of staff about the responsibility to comply with regulations in the technology field of the Bank.
