Manager, Business Continuity Management - Risk & Compliance at Central Bank of Kenya

Job Purpose

The Manager, Business Continuity Management is responsible for developing, maintaining, and testing the Bank's business continuity program ensuring alive Business Continuity Management (BCM) program and Third-Party Risk Programs (TPRM) for the Bank that are in line with regulatory requirements, internal policy, and best practices.

Key Duties and Responsibilities

Business Continuity Management

• Develop, implement, and manage Business Continuity Management program. Ensure appropriate BCM capability, including technology is in place to support the business continuity requirements, working closely with the various departments and risk teams.
• Ensure annual Business Impact Analysis and Risk Assessments are carried out for all departments and documented BCPs are in place and updated in line with the bank’s BCM Policy, Prudential Guidelines and International best practice. Provide guidance and support to departments on the same.
• Design, schedule, coordinate and execute Business Continuity and Disaster Recovery annual tests for critical business processes and systems and document test results including lessons learnt and maintain a central repository for all tests. Coordinate follow up on actions arising from lessons learnt to their logical conclusion.
• Develop a crisis management and leadership plan and facilitate simulation exercises for the members as stipulated in the BCM policy and support committee accordingly during disruption events.
• Training of staff on BCP processes and standards to ensure that they are aware of recoverability of business processes and supporting services across all areas of business.
• Conduct BCM risk assessment for key bank projects as well as oversee any BCM projects.
• Ensure Business Continuity Policy and Procedures are updated regularly to align to emerging Risks and/or changes in the operating environment, the bank’s Strategy, and best practices.
• Prepare insightful BCM report for the Bank Risk Management Committee on a quarterly basis.

Third Party Risk Management

• Develop and implement Third party risk framework, policy, procedures, and recommend risk appetite metrics and thresholds for Third Party Risk.
• Conduct deep dives and reviews, including risk analysis and monitoring for Third parties taking a risk-based approach.
• Evaluate relevant existing controls and recommend new control requirements to close identified risks, including development or enhancements to the policies and standards where applicable.
• Prepare insightful Third-Party Risk report for the Bank Risk Management Committee on a quarterly basis.
• Work collaboratively and effectively with HQ departments, Branch and Risk champion and teams to deliver on the Key Result Areas and ensure no silos.

Other Responsibilities

• Responsible for staff performance, capacity building, succession management, coaching and resource management within the Section.
• Any other assigned duties and responsibilities.

Qualifications

• Bachelor’s Degree in Commerce, Business Administration, Information Technology from a reputable University.
• Professional Certification in ISO 22301 or from Business Continuity Institute (BCI) is mandatory.
• Other certifications such as Lead auditor or Disaster Recovery Manager, Certified Third-Party Risk Professional (CTPRP) or other relevant certification is an added advantage.
• Membership in a relevant professional institute and in good standing is mandatory.
• Master’s Degree in Business Administration, Accounting, Finance, Information Technology, or related business field from a recognized institution is an added advantage.

Work Experience

• At least ten (10) years’ experience in the financial services industry with at least five (5) years in Business Continuity Management, Enterprise Risk Management, or IT Governance.
• Demonstrated experience in managing Third Party Risk.
• Conversant with relevant prudential, statutory guidelines on OSH and ISO standards on BCM.

Competencies

• Strong analytical capability including the use of Computer Applications.
• Strong Risk and Regulatory knowledge and able to document and escalate key issues when necessary.

Behavioural/ General Competencies

• Leadership - Ability to motivate, influence and staff to act towards achieving a common goal. Create and articulate a vision, inspiring others to work towards achieving the vision and providing developmental and stretching opportunities to staff - in line with skills, abilities and experience.
• Decision Making - Ability to go through a thought process of selecting the logical choice out of a set of options within a reasonable amount of time.
• Professionalism, work ethic & integrity - Ability to convey the level of excellence and competence that is expected. Define, communicate and consistently exemplify the Bank’s values and ethics.
• Collaboration and teamwork - Ability to work collaboratively within a group of people in order to achieve a common goal. Support team members to take decisions independently and take the lead in their area of expertise –
• Accountability and professional development - Lead initiative/s or action/s towards the achievement of the department/Company-wide goals/ mission.
• Creativity and innovation - Promote an environment that encourages creative thinking, and innovation within the ambits of existing rules/guidelines.
• Digital mind-set - Ability to recognize the importance and impact of technology on the ways of working and integrate technology in the day-to-day job to achieve efficiency, quality and productivity in the function.
• Risk awareness and focus - Ability to the forecast and evaluate of all forms of risks together with the identification of procedures to avoid or minimize their impact.
• Customer focus - Establish service standards and develop strategies to ensure that the same are met.
• Emotional Intelligence - manages emotions in a mature and composed manner as expected of a leader.
• Highly analytical and ability to challenge status quo based on quantitative facts and impacts.