Purpose of the Role:

Responsible for maintaining acceptable levels of ICT Risk, executing and overseeing implementation projects to
continuously keep the ICT department prepared and in line with audit and corporate governance expectations, and
applicable legislation. Effecting ICT Risk mitigation strategies based on contemporary research, best practice principles
and best of breed solutions. Participating and facilitating information collation and flow for the ICT team year-round
and through audit engagements, practical effectiveness through managing sub-projects, working with all stakeholders
through to successful implementation, and sustained adoption

INTERNAL (TEAM) INTERACTION (information, support, advice): Organisation wide management and exchange of information sharing, support, advice,
persuasion and education on governance, compliance and security

EXTERNAL INTERACTION (information, support, advice, persuasion/ negotiation): Service providers: Management of exchange of information, advice,
persuasion and negotiation. Local Authorities: Exchange of information, advice, persuasion and negotiation on effective use of Fund systems.

MINIMUM QUALIFICATIONS TO PERFORM ROLE: Tertiary qualification at NQF Level 7 with Business Administration and ICT as majors,

OTHER QUALIFICATIONS: Certified Information Systems Auditor (CISA), Certified in Governance of Enterprise IT (CGEIT), Certified in Objective Centric
Risk & Certainty Management™ (cORCM™), Prince 2 Certification in Project Management

MINIMUM PERIOD OF EXPERIENCE/ TRAINING (DESCRIBE TYPICAL EXPERIENCE BACKGROUND): 3 years incorporating desktop support, server
support, business systems, procurement processes, project management, and IT audit. A minimum of 3 years at specialist level

PREFERRED EXPERIENTIAL/ TRAINING BACKGROUND: ICT junior management in Financial Services/Pension Fund Administration environment

Strategy and Operational Plan Implementation

Develop operational plan that delivers on the ICT strategic plan.
Monitor team performance against strategic and operational objectives
Report on project progress against deliverables
Management of all compliance with applicable legislation as amended from time to time
Ownership of ICT Maturity assessments and formulating roadmaps,
guiding ICT department to move key deliverables into matured states
Leading initiatives such as data classifications, POPIA compliance

Management of Governance and Compliance

Ensure that each ICT area has agreed KPIs that are aligned to the ICT strategic objectives and ICT operational plan.
Continuously monitor performance and actions of the ICT department are aligned to supporting key business objectives.
Manage roles in the department ensuring that they remain up to date covering all new developments in the governance and security space.
Maintain ICT services schedule of providers, systems, assets, etc. for renewal.
Ongoing engagement with all ICT team members to sustain the required generating and flow of reporting information for management, audit, and governance reporting purposes to ensure compliance

Financial & Project Management

Manage project and expenditure budgets for Risk mitigation and audit objective implementations, ensuring tight budgetary control.
Manage project and operational expenditure for specialist area through control of invoices through signoff procedures.
Manage compliance with procurement policy, processes and systems.
Provide project management office oversight focused on ICT department’s risk mitigation and implementations of audit recommendations, governance and compliance initiatives, and provide assistance to other business projects where capacity and or criticality permits.
Project management functions including liaison with stakeholders, scoping and detailing work breakdown structures, costing and resource estimation and scheduling, monitoring progress, intervention and assistance, alleviating deadlocks, feedback to stakeholders

Governance and Compliance

Monitor the Fund’s use of ICT resources to advance delivery of Fund strategy ensuring compliance in achieving organisational, audit,
governance and legislative directives.
Develop, implement and or mature ICT structures, policies, procedures and documentation, in conjunction with emerging trends and technology,
audit recommendations and governance requirements to ensure compliance objectives are met.
Develop and manage the ICT rights and accountability framework to reinforce desirable behaviour in the use of ICT infrastructure
Promote ethical conduct and compliance with Fund policy, rules and processes that guide the use of ICT resources.
Manage real-time monitoring, and ensure corrective action where appropriate, to ensure desired behaviour in the use of ICT infrastructure
and systems.
Ensure that the Fund conducts its business in full compliance with national and international laws and standards for financial services sector.

Controls and Mitigations

Assist in creation of true and accurate system change controls requests for execution by the respective ICT team members, and perform post
implementation validation.
Perform user system access reviews, liaise with business units for approvals, identifying any gaps and seeing through to resolution.
Manage the monitoring and controlling access to confidential information through assignment of uniquely identifiable accounts and user rights
authorisations for non-repudiation.
Manage the safe transmission of data through secure internet gateways and encryption of electronic data
Manage the secure storage and disposal of data through assigning responsibility for ongoing storage and disposal of data in accordance with
policy, procedures, protocols and sector best practice.
Management of personnel security through implementation of “need to know” principle and applicable policies and legislation as well as confidentiality agreements