Manager_Governance, Risk and Compliance (GRC)

The IT Governance, Risk and Compliance Manager will be responsible for establishing and maintaining a robust IT GRC framework for Motus IT. This role involves developing controls to manage IT risks and ensure compliance with regulatory requirements that align with IT strategies and Motuss overall objectives. Governance: Oversee the development, implementation, and management of the IT GRC program. Develop and implement IT governance frameworks and policies to ensure alignment with business objectives and regulatory requirements. Establish and enforce IT standards and practices to ensure the effective and efficient use of IT resources. Coordinate with other business areas to integrate IT governance into the overall corporate governance framework Plan and execute IT audits to assess the effectiveness of IT controls. Risk Management Engage with IT functions to Identify, assess, and prioritize IT risks. Quality assure and monitor risk mitigation strategies and action plans. Monitor and report on the effectiveness of risk management initiatives and controls. Monitor the implementation and maintenance of IT risk self-assessment programs across the organization. Pro-actively manage and mitigate all potential IT risks to the organization, in association with senior management. Coordinate third-party IT supplier risk assessments to ensure supply chain risk is managed throughout the supplier's lifecycle. Compliance Ensure IT operations comply with relevant laws, regulations, and standards, including but not limited to GDPR, POPIA, and industry best practices (COBIT, ITIL, NIST). Conduct regular assessments to ensure adherence to compliance requirements. Coordinate with internal and external auditors on audit cycles and manage audit findings and remediation efforts. Policy Environment Work closely with the IT team to develop and implement organization-wide IT policies, processes and procedures. Assess the policy environment to ensure alignment with GRC practices. Reporting and Documentation Prepare reports for relevant governance committees. Develop and maintain IT GRC processes, policies, and procedures. Establish robust reporting mechanisms for tracking IT projects, disaster recovery metrics, cybersecurity metrics, and management of risks. Continuous Improvement Stay abreast of industry trends and regulatory changes. Recommend and implement improvements to the IT GRC program to enhance compliance status. Perform regular IT governance maturity assessments and implement improvement plans. Develop training plans to embed the IT governance programme. Continuously evaluate and improve ICT reporting processes and reports to deliver more valuable insights and recommendations. People Management Proven ability to lead and manage cross-functional teams. Foster a culture of accountability and continuous improvement. Stakeholder Management Strong communication and interpersonal skills, with the ability to interact effectively with stakeholders at all levels. Required Qualifications and Experience: Bachelors degree in information technology, computer science, or a related field. An MBA and/or professional certifications such as CISA or CRISC are a plus. Minimum of 5-7 years of experience in IT governance, risk management. In-depth knowledge of IT governance frameworks, risk management methodologies, and compliance standards.