Unit Head – Technology Risk Management

Role Purpose:

• To oversee and manage the technology-related risks that could impact ADIB operations, reputation, and financial stability.
• This role involves developing and implementing a comprehensive technology risk management framework, ensuring that all technology initiatives are aligned with ADIB risk appetite, regulatory requirements, and strategic objectives.
• The Head of Technology Risk Management is responsible for identifying, assessing, monitoring, and mitigating technology risks across all business units, promoting a culture of risk awareness, and ensuring that ADIB technology infrastructure is resilient, secure, and compliant with industry standards. Additionally, this role involves collaborating with senior management, IT, cybersecurity, and other key stakeholders to drive continuous improvement in ADIB risk management practices and to support the overall business strategy.
• Enhance business value through effective governance and management of Information Technology risks. Technology Risk Management will support the Head of Technology GRC in applying robust and best practice Risk Management and Compliance processes and protocols to the activities of the Technology department.

Key Accountabilities of the role:

Risk Governance:

• Define & develop IT Risk Management Strategy to support ITD and ADIB Enterprise Strategy. Connect management of IT risks to ADIB business objectives.
• Define, manage, and continuously improve the IT Risk Management framework and tools to help ensure consistent and effective risk management decisions.
• Develop IT Risk Management policy and procedures. Embed IT risk management practices in all ITD operational processes & activities.
• Align the management of IT risks with the ADIB Operational Risk Management Program.
• Direct the establishment of IT risk management practices to provide assurance that IT risk management practices are effective, and that IT risks do not exceed ADIB Group’s risk appetite.
• Establish communication platforms to promote collaboration among stakeholders within ITD as well as across the ADIB Enterprise, for clear understanding of business context of IT risks, risk ownership and effective risk response actions.

Risk Management:

• Continually identify, assess, and reduce current and emerging IT risks to be within tolerance levels set by ADIB Group Enterprise Risk.
• Ensure that Risk Control Self-Assessment (RCSA) reviews for ITD are conducted effectively and comprehensively, on schedule with appropriate risk mitigation advice.
• Maintain & manage ITD’s Risk Profile with clear documentation of known IT risks and risk attributes along with current control activities for the risks.
• Provide subject matter expertise to identify current IT risks and projected IT risks associated with changes in the business strategy.
• Guide ITD risk response whenever IT risk exceeds tolerance.
• Ensure regular and timely reporting to the ADIB executive management and BRCC on the outcome of IT risk management activities undertaken.
• Assist in identifying improvements in current IT systems, policies and strategies.

Specialist Skills / Technical Knowledge, Technical Competencies Required for this role:

• Expert understanding of IT Risk Management, Control and Governance frameworks such as – ISO 31000, ISO 27001, COBIT etc.
• Expert in performing IT Risk Assessments and Risk Based IT Audits.
• Thorough understanding of overall IT systems, processes and operations.
• Excellent analytical skills to effectively analyze significant amount of data information and filter it to key points helping management to analyze IT risks.
• Excellent problem-solving skills to create strategies to reduce IT risks to be within tolerance levels.
• Excellent communication and collaboration skills to effectively communicate IT risks and collaborate efforts to reduce risks.
• Excellent leadership skills to lead and guide the IT risk team in effective management of IT risks.
• Capability to summarize and interpret risk reports from different Departments.
• Ability to work with all levels of management.

Previous experience:

• Minimum of 15+ years’ experience in the financial industry IT domain with at least 10 years in IT Risk Management, Auditing and Compliance

Tagged as: Finance