Associate/Information Officer- IT Risk Management- Washington, DC

Job #:	121950
Title:	Associate/Information Officer- IT Risk Management
Job Stream:	Information Management and Technology
Location:	Washington, DC
Closing Date:	09/27/2012
Background / General description:
International Finance Corporation (IFC), the private sector investment arm of the World Bank Group (WBG) is the largest multilateral provider of financing for private enterprise in developing countries. IFC finances private sector investments, mobilizes capital in international financial markets, facilitates trade, helps clients improve social and environmental sustainability, and provides technical assistance and advisory services to businesses and governments. The mission of IFC's Corporate Business Technologies Department (CBT) is to enable IFC to promote sustainable private sector investment in developing countries by proactively partnering with IFC's business groups to provide flexible, robust, and secure IT capabilities anytime, anywhere worldwide. IFC is seeking an experienced IT Risk Officer to lead the Continuous Controls Monitoring (CCM) team and to serve as the IFC lead for the Software Asset Management (SAM) program. This position reports to the Controls & Compliance Lead. The ideal candidate will have experience in developing and leading CCM and SAM functions in an institution or business with challenges similar to those faced by IFC. IT Risk Management Officer Position The Continuous Controls Monitoring group is responsible for implementing and executing procedures to monitor the effectiveness of key financial and operational controls. The function also has responsibility for establishing and reporting on key risk indicators. Additional responsibilities will include the execution of risk assessments and Internal Controls over Financial Reporting (ICFR) testing on an as-needed basis. Software Asset Management (SAM) in IFC is the responsibility of a team of Software Asset Custodians (SACs) throughout the organization, supported by the Institutional Software Asset Manager (ISAM) within the Risk Management team. The ISAM’s activities will include responding to audits, ensuring that software purchasing are properly tracked in our license compliance tracking system and identifying opportunities to improve the efficiency of software procurement and usage in IFC. The ISAM will coordinate with the World Bank group ISAM and report regularly to the Software Asset Compliance Owner for the World Bank Group. The ISAM will also provide training and guidance to the various SACs around the organization, as well as provide feedback to their managers in their performance review process.
Duties and Accountabilities:
The selected candidate will be responsible for: Continuous Controls Monitoring (CCM) • Establish a risk based approach to identify areas where CCM activities are required • Document procedures and establish new CCM activities • Supervise a team of 2 – 3 contractors in the execution of CCM activities • Identify Key Risk Indicators (KRIs) which are predictive of reputational, operational and financial risks • Report KRIs and CCM statistics to management on a periodic basis with a linkage to business risks Risk Management Activities • Develop an approach for standardizing risk assessments across CBT • Coordinate with relevant stakeholders to identify areas / issues which require risk assessments • Perform risk assessments on an as-needed basis • Plan and execute ICFR testing Software Asset Management (SAM) • Provides management and oversight of Software Asset Management activities at the IFC. • Builds projects to improve the acquisition, maintenance, management, tracking and retirement of software assets for the organization. • Maintain the organization license compliance monitoring tool (currently Express Metrix). This involves ensuring that all software purchases are properly entered, and that the ‘discovery’ process is properly registering installations. • If compliance issues are identified, the ISAM will work with the responsible SAC’s for resolution. • The ISAM will be the point of contact for any software audit (internal or external) for IFC, providing the auditors with the information needed. • The ISAM will be the institutional expert on license types and participate in software license agreement negotiations with GSD Procurement. • Indentifying necessary resources to support SAM projects and operations at IFC, and managing those resources appropriately. • Conveying to Senior Management, both at IFC and WBG, in written and oral presentations, updates and potential SAM risks, business impact and plans. • Maintains relationships with many of the software vendors and manufacturers to establish trust relationships.
Selection Criteria:
• Master’s University degree(s), preferably in Information Management and Ttechnology and a minimum of 5 years relevant experience, or an equivalent combination of education and experience. • A demonstrated track record of success relevant to the duties and accountabilities of the position. • Minimum seven years of relevant experience. Experience with a Big Four firm is preferred. • Relevant professional certifications, such as CSAM, CISA etc, are preferred; willingness to pursue these is required. • Knowledge of technological and policy trends in the area of software asset management and auditing. • Strong knowledge and experience in IT CCM methodologies and tools. • Strong knowledge of and demonstrated work experience in the use of control frameworks (e.g. COBIT, COSO). • Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals. • Experience in dealing with internal and external audit organizations. • High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity. • Excellent verbal and written communication skills in English. • Excellent facilitation skills. • Strong organizational and personal productivity skills.
Apply Online