Manager Risk Assessment

Purpose: This position involves proactively implementing and maintaining a resilient Risk Management Framework within Generation & Transmission (G&T) by placing a strong emphasis on continuous learning and deepening RM expertise in the complex G&T landscape.

The core responsibilities involve diligently identifying and categorizing risks using ERM methodologies and conducting comprehensive evaluations of identified risks. This role entails maintaining comprehensive risk registers, gathering data from stakeholders and other sources for applying risk intelligence to discern emerging risks. Furthermore, it involves monitoring and analysis of leading and lagging risk indicators for continuous risk assessment of existing risks, validation of risk mitigation strategies and tracking action plans.  These responsibilities provide a solid foundation in determining and managing risk exposure while cultivating and maintaining strong relationships with process owners.

These responsibilities are carried out WITH the objective to enable risk management capabilities, improving efficiency in business processes, informed decision making ultimately contributing for the long-term sustainability of the organization WITHIN the limits of KE values, organization policies and SOPs, guidelines from supervisor and departmental guidelines and objectives.

Education & Relevant Experience: Graduate with at least 5 years’ experience.

AREAS OF RESPONSIBILITY

1. Risk identification, analysis and assessment

• Examine internal documents, reports, policies, and procedures to identify risks.
• Conduct interviews, focused group / brainstorming sessions with Risk Champions to gather insights into potential risks. Encourage open and candid discussions.
• Monitor external sources such as industry reports, news, regulatory updates, and market analysis to identify external risks that may impact the organization particularly those that pertain to power generation and transmission.
• Utilize risk checklists or questionnaires tailored to specific business processes and functions to prompt discussions and identify risks systematically.
• Utilize quantitative and qualitative analysis techniques to assess the likelihood and potential impacts (financial, operational, reputational etc.) of identified risks.  Develop and analyze risk scenarios to better understand the range of potential outcomes associated with specific risks.
• Align risk assessments with the organization's risk tolerance and appetite as communicated from the leads. Determine which risks are within acceptable limits and which exceed them.
• Analyze risk incidents, including assessment, root cause analysis, and follow-on remediations as required.
• Seek input from subject matter experts within organization to validate risk assessments and gain insights into potential mitigations.

2. KRI Monitoring and Mitigation Validations

• Identify and formulate key risk indicators that will be used to measure the status of each risk. KRIs should be quantifiable, relevant, and timely.
• Regularly collect data and information related to the identified risks. This may involve internal data sources, external market data, and expert opinions.
• Implement alert mechanisms or triggers that notify relevant stakeholders when risk levels exceed predefined thresholds.
• Utilize technology and data automation tools to streamline the collection and aggregation of risk data, making the process more efficient.
• Revisit and review the action plans developed to address high-priority risks. Ensure that the plans are well-documented and actionable.
• Validate risk mitigation strategies that are finely tuned to the unique challenges faced in power generation and transmission while meticulously tracking action plans. This involves working closely with stakeholders responsible for executing the plans.
• Continuously monitor the progress of mitigation efforts by collecting and analyzing relevant data and performance metrics.
• Assess the risk's impact and likelihood to determine if mitigation efforts have effectively reduced the risk to an acceptable level.

3. Risk Reporting and Documentation

• Create reports summarizing the results of risk identification and assessment processes, including risk profiles, risk scores, and assessments of impact and likelihood.
• Create risk heat maps, graphical representations, and visual dashboards to provide a clear and intuitive overview of the organization's risk landscape.
• Develop a communication plan that outlines how and when risk reports and dashboards will be distributed to stakeholders, ensuring timely and effective communication.
• Deliver insights, emerging trends, and actionable recommendations to empower Risk Champions in making informed decisions.
• Maintain a comprehensive risk register that catalogs all identified risks, their descriptions, potential impact, likelihood, risk owners, and other relevant details. Also perform quality assurance of risk registers to avoid duplications and improve overall quality.
• Creating risk insights from risk registers for e.g., common risk causes and events across departments and developing views based on analysis of risk type.
• Document the results of risk assessments, including assessments of impact and likelihood, risk scores, and any qualitative or quantitative data used in the analysis.
• Maintain records of risk-related communications, including meeting minutes, emails, and other correspondence related to risk management discussions and decisions.
• Establish and maintain audit trails that capture changes and updates to risk-related documentation, providing a transparent history of revisions.

4. Stakeholder Engagement

• Create a communication plan that outlines how and when risk-related information will be shared with Stakeholders, including the frequency and format of communication.
• Organize focus group sessions as a targeted engagement strategy which provides valuable insights and feedback on risk-related matters.
• Actively seek feedback from stakeholders on their perceptions of risk management efforts, potential areas for improvement, and any concerns or suggestions.
• Work with risk champions to promote a risk-aware culture throughout the organization. Encourage them to lead by example in embracing risk management practices and ethical behavior.
• Collaborate closely with cross-functional departments and teams to gather valuable insights, ensuring that risk assessments comprehensively encompass all relevant facets of the business.