REQUIREMENTS :
An NQF level 6 qualification in Technology/Information Systems/Information Technology field (i.e. Security/Computer science/Cyber security). AWS, WAN, ITIL, MCSE, SAN, NAS, LAN, PMP, TOGAF, VCP, CISSP, CISP, CISA, CRISC, CGEIT, COBIT 5, and KING 3.
3 relevant experiences in the specific ICT governance, risk and compliance strategy field at middle management level 9/10. Understanding of all relevant human resources legislative frameworks, regulations and prescripts. Understand the Public Service Act, Public Service Regulations, Labour Relations Act, Skills Development Act. Understand the PFMA and Treasury Regulations, Intermediate. Understanding of Good Corporate Governance principles (King Report).
DUTIES :
Manage ICT risk and compliance: Manage and ensure that adequate controls are in place to mitigate risk. Manage and ensure that adequate controls are in place so that compliance is undertaken effectively and efficiently in the ICT environment within the GPW. Develop frameworks aligned to the appropriate industry standards, creating the correct forums.
Establish monitoring mechanisms to ensure compliance is effective. Monitor, identify and communicate new and emerging external IT risks/threats, test the adequacy of existing controls in relation to these, and recommend actions for improvement. Monitor levels of IT risk across the GPW to mitigate or address identified risks and issues, as well as audit findings raised.
Manage and align the ICT strategy to the business strategy: Review processes and ensure that adequate controls are in place to mitigate risk. Lead and drive Governance, Risk and Compliance initiatives. End-to-end management of the reporting process and consolidation for regular internal and periodic statutory reporting, to communicate an accurate and complete view of the IT risk profile in a manner that guides actionable management decisions.
Design, plan and manage the Directorate and align to the business continuity plan: Ensure full alignment with the business continuity plan. Identify all legislation applicable in the IT environment, assess the GPW's compliance, and develop plans to ensure proper compliance with the business continuity plan. Define, develop, review and implement the IT compliance framework, and align it to international best practices and standards. Conduct annual compliance assessments.
Ensure compliance with internal IT policies and procedures and report on exceptions on a regular basis. Define, develop, review and implement the disaster recovery policy, and contribute to the development of the business continuity policy and plan. Develop, implement and test the GPW's Disaster Recovery Plan (DRP). Report on the status of disaster recovery capabilities.
Provide managerial activities: Provide inputs to the monthly and quarterly reports sufficient/aligned to the Business Plan/APP/Strat Plan. Provide inputs to the annual spending plans aligned to the business plan for the coming year. Perform a stakeholder analysis for the component, identify stakeholders' needs, and incorporate them in the business planning process. Develop/review internal work processes (SOPs). Provide inputs on the development/review of business plans with clear roles and responsibilities assigned and resource requirements identified.