duties manager,audit risk

Upload: awneesh

Post on 02-Jun-2018

218 views

Category:

Documents


0 download

TRANSCRIPT

  • 8/11/2019 Duties Manager,Audit Risk

    1/1

    1. Duties for the post of Manager, Audit Risk

    1 To assess the likelihood of the risks identified that could materialize and their impact.

    2 To design and implement processes by which identified risks can be managed and mitigated.

    3 To provide solutions how to reduce the incidence of the risk identified materializing.

    4 To set up an effective risk management and control processes.

    5 To provide assurance that the processes and key risks are being effectively managed.

    6 To continuously develop policies and procedures on risk and control.

    7 To quantify the cost of operating particular controls relative to the benefits obtained in managing the related risks.

    8To explore strategies to be adopted to reduce the incidence and impact on MPA of those risks that domaterialize.

    9 To monitor the IT system and ensure that software implemented are reliable to provide relevant information toManagement for good decision making.

    Information Security Officer Duties

    10 To coordinate the development of MPA information security policies, standards and procedures

    11To work with key IT office, data custodians and governance groups in the development of such policies,standards and procedures

    12 To ensure that MPAs policies support compliance with external requirements

    13 To oversee the dissemination of policies, standards and procedures.

    14To coordinate the development and delivery of an education and training programme on information security andprivacy matters for employees, and other authorized users.

    15 To serve as MPA compliance officer with respect to information security policies and regulations.

    16To develop and implement an Incident Reporting and Response System to address security incidents (breaches)and to respond to alleged policy violations, or complaints from external parties

    17To serve as the official contact point for information security, privacy and copyright infringement incidents,including relationships with law enforcement entities

    18To develop and implement an ongoing risk assessment program targeting information security and privacymatters

    19 To recommend methods for vulnerability detection and remediation

    20 To oversee vulnerability testing

    21 To represent MPA on Information Security matters

    22To keep abreast of latest security and privacy legislation, regulations, advisories, alerts and vulnerabilitiespertaining to the MPA and its mission

    23 To participate actively in MPA Disaster Recovery Planning

    24 To ensure that staff of the department are properly trained

    25 To assist in the implementation of a performance management system

    26 To be fully responsible and accountable in respect to successful implementation of projects falling under thepurview of the department and more specifically with respect to:(i) timely completion of project;(ii) adequacy in the fulfillment of the terms of contract;

    (iii) monitoring and reviewing of Contractors Performance and Compliance;(iv) periodic reporting with particular attention to identifying and addressing timely and appropriately any sub-standard performance or deviation;

    (v) monitoring of budget and actual costs of project and reporting of any variation.

    27 To coach, guide and mentor all staff in his/her department

    28 To play an active role in promoting safety and security at the MPA

    29 To adhere to and promote MPAs corporate values

    30 To contribute to the enhancement of the Port Environment