| Job Summary UBC has appointed a Chief Assurance & Risk Officer with the mandate to create a strategic unit that is sought after for advice and counsel by organizational leaders across both campuses. The Chief Assurance and Risk Officer oversees the previously separate functions of Internal Audit and Enterprise Risk Management - now called the Office of Enterprise Risk and Assurance (ERA). ERA's purpose is to partner with the community to provide trusted and impactful risk and assurance insights to enhance and protect UBC as a thriving institution. The scope and nature of the internal audit function has expanded from a traditional department primarily focusing on financial risks, to a risk-based progressive function covering a large spectrum of risks and key strategic initiatives. The internal audit function has been renamed to “Internal Assurance” to reflect its broadened and elevated mandate; however, the discipline of internal audit remains embedded into all of our assurance activities. ERA aims to deliver an enterprise risk management framework that the University will integrate with its strategy-setting and operational activities to assist institutional leaders and their teams in managing risk through creating and preserving value. Moreover, the department is expected to provide independent, objective assurance and consulting activities designed to add value and improve the University's operations. This position plays a key role in enhancing the University's accountability mechanisms in support of the University's strategic objectives, by evaluating systems and related risks and controls, particularly as it relates to technology and automation. Organizational Status Reporting to the Director, Internal Assurance, and dotted reporting line to the Director, Enterprise Risk Management
Work Performed - Provides leadership, advice and guidance on strategic / operational technology risks, controls and governance.
- Provides strategic oversight and tactical direction in the management of a portfolio of all technology related risk reviews and advisory / assurance engagements.
- Supports Director, IA with the vision in the area of technology risks and provides strategic and operational risk advisory and assurance services for the institution's top risks; ensure that risks are clearly identified, articulated and assessed, key controls are designed and operating effectively, and mitigations are timely and appropriate.
- Works closely with the Director, IA in developing, leading, and delivering strategic short-term and long-term goals relating to the departments use of technology and its technology-related risk and assurance services for the department as part of the approved ERA strategic plan
- Represents ERA at key strategic committees.
- Key contributor to ERA's annual planning process. Provides strategic direction into priorities in the annual integrated risk and assurance plan that is flexible and responsive to the strategy, evolving needs and institutional risks of the University, particularly as it relates to technology risk and assurance areas.
- Partners with the Associate Director, Fraud Risk Management and Data Analytics to provide technology leadership for building the departments data analytics practice, and embedding data analytics into the wider UBC community.
- Engages as a strategic partner with academic and administrative leadership (including members of the Executive Team) and builds strong relationships
- Works as a change agent with faculties and departments to enhance risk management capabilities at all levels across the University.
- Collaborates with the ERA leadership team to develop, implement and manage talent capability assessment to ensure the team of professional risk and assurance staff have sufficient knowledge, skills, experience and professional certifications from a technology risk and assurance perspective.
- Oversees the operations of a team composed of 1-2 IT risk and assurance professionals to ensure the efficient operation of the function
- Provides credible, constructive challenge to senior stakeholders in relation to technology risks and assurance to senior stakeholders. Maintains knowledge of key and emerging technology risks both externally and internally.
- Manages relationship with the co-sourced internal audit technology risk partner to deliver specialist technology risk and assurance expertise
- Leads the digital strategy for ERA strategic plan and other technology related components. Leads from technology perspective Data / automation tools.
- Directs the preparation of reports, models, summaries of results analysis and other strategic and operational performance measures.
- Oversees the execution of other related tasks and special projects as required
Consequence of Error/Judgement The Office of the Enterprise Risk and Assurance is a fast-paced environment, where competing priorities and tasks are frequent and dynamic. Work is often completed within tight deadlines, requiring the Senior Manager to perform with a high degree of accuracy and precision under pressure. Judgment must be exercised. Lack of good judgment, errors or incorrect assurance work could result in the failure to detect or prevent University risks. Consequences could include: - Inadequate or inappropriate risk management
- Mismanagement or misappropriation of university resources
- Non-compliance with university policies or statutory obligations
- Inaccuracies in university financial reports
- Frauds
- Inaccurate information to senior management or the Board resulting in errors in management decisions. May have legal and labor relations implications.
This position has the opportunity to have a strong influence on the administrative procedures and processes at the University. Supervision Received This position reports to the Director, Internal Assurance, and has a dotted reporting line to the Director, Enterprise Risk Management. Works under general direction and review, and within broad mandates. Supervision Given Oversees the work of a team composed of 1-2 IT risk and assurance professionals.
|
