Manager: IT Risk and Governance
Job in
Pretoria, 0002, South Africa
Listed on 2026-06-03
Listing for:
Tafadzwa
Full Time
position Listed on 2026-06-03
Job specializations:
-
IT/Tech
IT Consultant, IT Project Manager, Cybersecurity, IT Business Analyst
Job Description & How to Apply Below
Our client is recruiting for a Manager: IT Risk and Governance to be responsible for managing ICT Risk, Governance, and Compliance objectives.
MINIMUM JOB REQUIREMENTS Qualifications- Bachelor’s Degree/ Advanced Diploma in IT/Risk Management/Audit/ IT Governance related qualification.
- Postgraduate in IT/Risk Management/Audit/ IT Governance related qualification will be advantageous.
- Certification in CISA, COBIT and ITIL.
- ISO 27001 certification will be an added advantage.
- Relevant 6-8 years’ experience in IT Governance, Risk and Compliance environment, of which 2 years must have been at management/supervisory level/area of expertise.
- Lead the development and implementation of departmental policy, procedures and processes.
- Keep up to date with effective policy and practice execution strategies.
- Develop and implement IT governance frameworks and strategies aligned with organisational goals and industry best practices.
- Establish policies, procedures, and controls to ensure compliance with regulatory requirements and internal standards.
- Develop and maintain a complete controls library for ICT controls in line with best practice recommendations.
- Monitor and evaluate the effectiveness of governance processes and recommend improvements as needed.
- Design, develop and implement the Information Technology (IT) Risk Management Framework that is aligned to the COMPANY’s Enterprise Risk Management (ERM) framework.
- Identify, assess, and prioritise IT-related risks across the organisation.
- Develop risk mitigation plans and strategies to minimise potential impacts on IT operations and data integrity.
- Conduct regular risk assessments and audits to ensure ongoing compliance and risk readiness.
- Drive the creation of an understanding of ICT policies, processes, risk and controls’ in line with the COMPANY’s Policy Framework.
- Act as a liaison between ICT and all relevant stakeholders to ensure that IT risks are adequately considered in the overall risk profile of the COMPANY.
- Proactively ensure that all new projects have correct levels of assurance controls by conducting internal risk reviews before and during project implementation.
- Stay up to date with regulatory requirements and industry standards relevant to IT operations (e.g., GDPR, HIPAA, ISO 27001).
- Implement and maintain compliance programs and initiatives, including training and awareness campaigns for staff.
- Coordinate audits and assessments by internal/external auditors and regulatory bodies.
- Pro-actively manage the reduction of unsatisfactory audits by: (1) identifying areas of risk within ICT, (2) by assisting with the development of remediation plans to address issues by providing risk and audit expertise and (3) raising and tracking ICT Issues which may be of a strategic, tactical or operational nature.
- Ensure involvement during planning, fieldwork and reporting stages of all audits that are ICT related.
- Review audit reports for factual accuracy and ensure that correct action owners were identified.
- Review the feasibility of agreed actions and facilitate closure of audit findings.
- Oversee the develop and delivery of training programs on IT governance, risk management, and compliance for employees.
- Promote a culture of compliance and awareness across the organisation through workshops, seminars, and informational materials.
E.g. Cybersecurity awareness, - Policy Compliance, POPIA Compliance etc.
- Track and monitor the adequate and on time remediation of observations raised by all independent assurance bodies.
- Record remediation plans and facilitate closure for ICT related control weaknesses identified.
- Ensure this is done through weekly progress tracking with control owners (typically Senior Managers) and reporting.
- Engage with ICT management and senior management to discuss and manage overall progress against remediation plans.
- Ensure that all audit closure documents are reviewed by the appropriate stakeholders before being submitted to IA.
- Prepare regular reports and updates…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×