The Risk Officer and Business Continuity Management Coordinator will be responsible for proactively driving the Enterprise Risk Management function and the Business Continuity Management function within the FAIS Ombud, supporting departments in identifying, mitigating, and managing current and potential organisational risks. The role will ensure the accuracy and currency of departmental risk registers and oversee the implementation of the Business Continuity Management (BCM) strategy and policy. This includes leading the coordination, assessment, development, and communication of recovery requirements and contingency plans to safeguard the organisation’s operations in the event of facility or technology disruptions.
Key Performance Areas:
- Risk Management: Support the Head: GRC in developing, implementing, and maintaining the Enterprise Risk Management Framework (ERMF) in line with international standards. Facilitate and monitor risk management processes, including risk identification, assessment, mitigation, and reporting. Coordinate departmental risk workshops, maintain strategic and operational risk registers, conduct audits, and review key processes to identify control weaknesses and recommend improvements. Monitor and analyse risk trends, provide guidance on mitigation strategies, and ensure the effective use and maintenance of ERM software to support organisational risk management objectives. Follow up on the implementation of planned/future mitigation controls and audit the effectiveness and the efficiency of the controls implemented to mitigate existing risks.
- Business Continuity Management: Develop, implement, and maintain the FAIS Ombud’s BCM framework, policies, and systems in line with international standards. Oversee the full BCM lifecycle, including crisis management structures, business impact assessments, risk assessments, and the development and annual review of business continuity plans. Coordinate simulation exercises, test and audit recovery procedures, and ensure alignment between business and ICT disaster recovery plans. Lead and guide departmental BCM Champions to ensure organisational preparedness, effective incident response, and the safeguarding of operations during unforeseen disruptions.
- Effective Implementation of ERMF, Risk Management process and tools: Champion and drive the implementation of the Enterprise Risk Management Framework (ERMF), systems, and processes across business units in collaboration with the Head: GRC. Ensure effective utilisation of ERM software, providing ongoing support, onboarding, and training for Risk Champions, Risk Owners, and new users. Monitor and report on the performance of the ERMF to support continuous improvement and enhance the organisation’s risk management capability.
- Risk and Business Continuity Awareness Culture: Promote and sustain a strong culture of risk awareness and business continuity through formal campaigns, presentations, inductions, audits, and regular communications. Review and update key governance documents, maintain effective reporting channels, and engage with business units to embed continuous risk assessment practices. Ensure all personnel with BCM responsibilities are trained and familiar with continuity plans, provide guidance to BCM Champions, coordinate plan access and distribution, arrange annual disaster recovery site visits with ICT, and maintain the Battlebox to ensure organisational readiness.
- Reporting: Prepare and contribute to high-quality, timely reports for EXCO, the Audit and Risk Committee, and other governance structures in line with standard reporting formats. Consolidate departmental risk reports into organisation-wide registers, ensure consistency and quality, and tailor risk reporting for different audiences to support awareness, accountability, and decision-making. Provide accurate information to the Head: GRC to enable escalation of significant risks and maintain regular analysis and follow-up on operational risk registers.
- Matric certificate or equivalent.
- An appropriate bachelor’s degree or equivalent qualification in the Governance, Risk, and Compliance or Audit fields.
- A certificate in Risk Management and membership of the Institute of Risk Management South Africa (or meeting the registration requirements) would be an added advantage.
- Certification in ISO 22301 and BCI Good Practice Guidelines will be advantageous.
- Minimum 3 to 5 years’ appropriate experience in Risk Management and/or BCM and/or Audit field.
- Demonstrated experience and knowledge in corporate enterprise risk management and/or the BCM and/or Audit field.
- Ability and knowledge to maintain and manage the BCM Management System and Software.
Other Key Competencies:
The applicant must demonstrate the following skills and attributes: attention to detail, analytical skills, effective written and verbal communication skills, ability to design and execute projects, ability to maintain a high level of confidentiality, strong interpersonal/human relations skills, ability to work independently as well as part of a team, ability to operate a personal computer, and proficiency in using the MS Office suite of products.
In accordance with the FAIS Ombud’s Recruitment Strategy, preference will be given to candidates from designated groups. The FAIS Ombud is an equal opportunity employer, committed to the principles contained in its Employment Equity Policy.
Please note that correspondence will only be entered into with short-listed candidates, and the FAIS Ombud reserves the right not to appoint if a suitable candidate is not identified.
Interested applicants can apply for the position at https://faisombudjobs.mcidirecthire.com/ by 29 August 2025. Inquiries may be directed to Ms. Livhuwani Thavhanyedza at 012 762 5000.