Risk Analyst

Risk Analyst

JOB SUMMARY

The Risk Analyst supports the Governance and Risk Management Unit in executing its functions. The role contributes to the development, implementation, and monitoring of the ERM, BCM frameworks and assists in ensuring that risks across all areas of the business are appropriately identified, assessed, monitored, and mitigated.

Under the guidance of the Chief Governance & Risk Officer (CGRO), the Risk Analyst collaborates with risk owners and Business Units to promote a strong risk-aware culture and consistent application of risk management practices in accordance with the Enterprise Risk Management (ERM) Framework and applicable regulatory requirements.

The role also supports the policy governance framework by assisting in the coordination and monitoring of the policy lifecycle including working with Policy Owners to ensure alignment with policy standards and regulatory requirements, maintaining the central Policy Inventory, tracking review cycles and updates, and supporting the review and challenge process.

 EDUCATION, KNOWLEDGE AND EXPERIENCE

• Bachelor’s degree in business management, risk management or a related field.
• Minimum 3 years at a Risk Analyst Level within a risk department in the insurance or financial services sector.
• Professional certification in Risk Management and Business Continuity, from recognized bodies, e.g. RIMS, GARP, PRMIA, DRI or equivalent bodies.
• Advanced proficiency in: Word, Excel, PowerPoint, Visio.
• Experience with GRC software will be an asset.

 KEY FUNCTIONS AND RESPONSIBILITIES

1. ERM, BCM and Policy Framework Support

• Supports the development and implementation of the ERM, BCM and Policy management frameworks, policies, and procedures.
• Conducts research to ensure that the above frameworks and policies and procedures are aligned with industry and regulatory requirements.
• Updates departmental reference files on standards (ISO 31000, COSO, CBTT Guidelines, Insurance Act, etc.)

 2. Risk Identification & Assessment

• Works with CGRO and risk owners to ensure that risk assessments are completed to quality and timeliness standards.
• Supports business units in identifying all risk including emerging risks.
• Facilitates and prepares documents to support risk workshops, interviews, and scenario analyses.
• Quantifies risks using both qualitative scales (heat maps) and quantitative methods.

 3. Risk Monitoring & Reporting

• Maintains and updates Risk Registers, ensuring risks are current, scored etc.
• Tracks Key Risk Indicators (KRIs), escalating breaches of tolerance thresholds.
• Prepares risk dashboards, risk bulletins, and board/committee reports.
• Follows up with owners on the completion of risk management actions.

 4. Risk Appetite Support

• Assists in embedding Risk Appetite & Tolerance Framework in planning and decision making
• Provides analysis on risk exposures vs. approved appetite levels.
• Plans and prepares documentation for ERM Council meetings (e.g. minutes, agendas and tracking actions items).
• Supports CGRO in completing policy reviews, ensuring alignment with CBTT and other regulatory standards and the Insurance Act 2018 and relevant laws and regulations.

 5. Business Continuity & Resilience

• Collaborates with the business to maintain BCM Plans, Business Impact Analyses, Post Incident Reviews and other related BCM documents.
• Assists in BCP testing (tabletop exercises, IT disaster recovery tests, evacuation drills).
• Logs and tracks corrective actions arising from BCM tests and Post Incident reviews and live continuity incidents.
• Supports crisis management team during disruptions, planning meetings and coordinating updates.

 6. Incident Management

• Maintains records /monitors operational incidents, near-misses, and breaches.
• Performs root cause analysis and ensure corrective/preventive actions are tracked.
• Escalates high-severity incidents (fraud, cyberattack, compliance breach) to management promptly.

 7. Regulatory Compliance & Alignment

• Assists in preparing risk related responses to regulatory requests, audits, and stress test exercises.
• Monitors external environment and makes recommendations for example, CBTT/ regulatory requirements macroeconomic and insurance market trends and provides recommendations.

 8. Risk Culture & Training

• Supports risk awareness campaigns and training.
• Develops training /awareness material and risk and governance notices for staff.

 9. Research & Continuous Improvement

• Research global trends in insurance risk management (IFRS 17 impacts, ESG/climate risk, ORSA).
• Recommends enhancements to risk methodologies, models, and tools.

 DIMENSIONS AND SCOPE OF ROLE

• Perform in accordance with relevant Government laws and Regulations and industry standards
• Perform in accordance with Insurance laws & Regulations
• Perform in accordance with the Policies and Procedures of the Company  

KEY CAPABILITIES

Risk Management

• Ability to identify, assess, and monitor risks using ERM tools (e.g., KRIs, RCSAs, Incident Forms) with an understanding of policy governance and BCM.
• Knowledge of applicable regulatory requirements and ERM, Policy and other governance frameworks, including the three lines of defence.
• Ability to analyse data, identify trends, and support risk-based decision-making.

 Collaboration. Planning & Coordination

• Ability to, track risk management, BCM and policy lifecycle activities, and ensure timely follow-up on actions.
• Ability to work with Business Units, coordinate activities, and manage multiple priorities effectively.
• Ensures accuracy, completeness, and consistency in risk assessments, reporting, and policy records.

 Customer Focus

• A strong understanding of the significance of the customer to the success of the business.

 Team Player

• Works well as a member of a customer focussed team; performs role assigned in the interest of the team’s success.

 Communication and Reporting

• Ability to prepare clear, concise reports and communicate risk information effectively to stakeholders.

 Personal Attributes

• Uses initiative; ability to act with minimum supervision; demonstrates a high level of confidentiality; presents a consistent pattern of satisfactory attendance; strong work ethics.