Faculty/Division
Job Profile NR
August 2007
DATE PROFILE WAS LAST REVIEWED
NAME
JOB TITLE
Manager – Risk Control
INCUMBENT
Mr. L. Kruiskamp
DEPARTMENT/SECTION
VC’s Office
SUPERVISOR/MANAGER
(VC) = Vice-Chancellor or his
nominee
JOB TYPE
(ACADEMIC/SUPPORT)
SUPPORT
DIVISION HEAD
Vice-Chancellor
Dr. Saleem Badat
MAIN JOB OBJECTIVE/S
The main purpose of the job is:
-to report to the Vice Chancellor or his nominee and the Audit/Risk Management Committees on deviations from risk management
plans and areas that place the University at material risk.
-to establish and maintain an integrated and effective Risk Management framework where risks are identified, quantified and
managed on a consistent basis.
-to initiate ,drive, advise on and co-ordinate all risk management activities.
-to establish compliance requirements and to monitor the adherence to these requirements.
DESCRIPTION OF KEY RESPONSIBILITY AREA
STANDARD EXPECTED
STRATEGIC RESPONSIBILITIES including: 1.
2.
3.
4.
Develop a risk management framework for the Institution
ensuring, amongst others, legal compliance and that the
framework encompasses Identifying, monitoring, measuring
and managing risks (and advantages where applicable) of the
University.
Develop a risk Management policy and a set of processes that
will support the risk management strategy of the Institution.
Develop a formal risk management Plan and risk profile for
the University. This includes designing and developing risk
management/control processes to ensure that the risk profile
for the University is managed and that plans are robust
enough and able to identify key risk areas.
Assist senior management, when required or deemed
necessary, to identify inherent risks for the university and
ensuring that the action plans that are put in place are
monitored, that remedial action is taken and that the deadlines
are adhered to.
Job incumbent is expected to develop a risk management
framework in conjunction with VC and his senior
management and the relevant Risk/Audit Committees.
It is expected that policies and procedures related to risk
management and risk control be developed collaboratively
with the relevant stakeholders.
Job incumbent is responsible for supporting those
stakeholders responsible for risk management in their
respective areas. Where there are problems with
stakeholders meeting the standards required and/or
deadlines outlined in their actions plans the job incumbent
is expected to work collaboratively with the relevant
stakeholders to put remedial plans in place. Where
problems persist the job incumbent is expected to bring
these to the attention of the VC (or his nominee) and the
relevant Risk/Audit Committees.
LIAISON AND FACILITATION including:
1.
2.
3.
4.
5.
Liaising with senior management as regards their
responsibility, as outlined by the VC, in identifying the inherent
risks within their respective divisions or faculties, and the
recording and submission thereof in terms of their instructions
from the VC.
Besides the risk listings as above, submission must be made
in terms of legal/legislative compliance requirements as
mentioned under “COMPLIANCE” point 1. as below.
Advise and assist senior management where appropriate, or
as requested, on processes to identify the risks, document the
risks, establish appropriate benchmarks (doing research for
the Senior Manager if required), and sharing good practice
from other areas of the University.
If appropriate and requested, organise training for senior
management, or their staff, on risk management principles
and considerations.
Discuss with senior management the outcome of compliance
checks. See “COMPLIANCE” below
Discuss with senior management the content of any reports
Job incumbent recognises that risk management is the
responsibility of each senior manager and that they are
best placed to identify the risks and compliance
responsibilities in their respective areas of responsibility.
The job incumbent does not seek to impose a view of what
should or should not be managed but is empowered to give
constructive input and technical advice.
A co-operative relationship is established in spite of the
compliance nature of the job. Feedback on compliance
checks is done in the spirit of continuous improvement and
what is in the best interest of the University.
(*)This report would contain, inter alia:
2
generated by the Manager-Risk Control (MRC) which is to be
forwarded to the VC and Risk management/ Audit committees
(*)
6.
Reporting back to the senior managers any feedback from the
VC, Risk Management and Audit Committee’s comments on
the plans and reports submitted.
(A) Areas of non compliance as to: 1) specific legislative
requirements, 2) aspects relating to non adherence to
instructions from the VC and committees, 3) deviations
from risk management plans.
(B) Areas of risk, as perceived by the MRC, which are not
perceived to be or included in senior management
submissions as areas of risk.
(C) Any other matters that would be regarded necessary
for reporting which relate to matters compromising Risk
Management of the University.
Feedback to senior managers is timely, accurate,
constructive and specific in order to allow senior
managers to, where necessary, to address the
feedback.
COMPLIANCE AND REPORTING including:
Conducting checks to highlight areas of weakness/non compliance
relating to:
1. Legal/legislative type requirements such as requirements ITO
Income Tax laws, Health and Safety Act, Submission of
monthly, annual returns to Government etc.
2. Instructions as required by the VC and the relevant
committees. I.e. Timeous submission of
documentations/reports/responses etc.
3. Targets/goals, as identified in the risk management plans,
which are not being met.
4. Following through/testing procedures/controls, as claimed to
be in place for the sake of management of risks within the
various divisions and/or facilities, to verify the existence and
effectiveness of such controls.
REPORTING including:
1. Collation of risk management documentation/plans as well as
compliance requirements, as mentioned above, which are
compiled by senior management, to be forwarded to the VC
and relevant committees
2. Collation of progress reports by senior management and
presentation thereof to the VC and relevant committees
3. Reports on the findings of compliance checks conducted, to
be submitted to the VC and relevant Committees
4. Based on the above, assist in the preparation of any
documents/reports on risk management in the university for
internal and external purposes.
Diligence and care is shown in exercising these
responsibilities. The job incumbent needs to have an
administrative system that reports the status of risk
management plans and progress reports on request.
Compliance checks are done with sensitivity to the
power dynamics inherent in the relationship, to identify
strengths and what are working, attempts and progress
that have been made and in the case of noncompliance, the need to establish reasons for this.
Timeous presentation of reports made at intervals
determined by the VC and relevant Committees, as
agreed in the annual risk management plan.
3
MANAGEMENT OF THE INSITUTIONS RISK MANAGEMENT
PROCESS including: 1. Develop, a flexible annual work plan, as well as periodic
updates, using an appropriate risk-based methodology,
including any risks or control concerns identified by
management
2. Implement the annual work plan, as approved, including, as
appropriate, any special tasks or projects requested by
management and the relevant committees.
3. Assist the various departments to ensure that adequate
controls are in place to minimise risk.
4. Monitor the execution of the risk management process
including the self-assessment process and the reporting
associated with this process.
5. Implement a reporting framework for the self-assessment
process including a process that monitors the action plans
associated with the self-assessment process. This includes
ensuring that remedial action is taken with the timelines that
have been agreed to.
Job incumbent is expected to develop an annual plan in
consultation with the relevant stakeholders.
Job incumbent is expected to support the implementation
of the annual work plan and assist those responsible for
risk in their respective areas. Job incumbent will be
expected to provide support and technical advise when
appropriate.
Job incumbent is responsible tor tracking the execution
of risk management processes including the self
assessment. Job incumbent is expected to document
the progress and ensure that it is up to date at all times.
Job incumbent is expected to consult stakeholders with
regards to the documentation of progress and
stakeholders should be in agreement with the comments
in the progress report and should sign these off.
Timelines must be reasonable and must have the
support of the stakeholder responsible for risk in his/her
area.
ADVOCACY FOR AN EFFECTIVE RISK MANAGEMENT CULTURE
AND PROCESS including: 1.
2.
3.
4.
5.
6.
.
Work with each department to ensure that their risk
management profile supports the risk management strategy.
Develop sound relationships with those involved in risk
management in order to ensure that they are supported in the
management of risk for their area(s).
Identify training and development needs in respect of risk
management that will ensure that line managers and staff who
are involved in the assessment of risk understand how the
process works and what is required of them.
Continually monitoring and evaluating effectiveness of the risk
management process ensuring that quality of the selfassessments and information provided is accurate and
current. This includes doing independent reviews of each
self-assessment.
Identify reports and management information that is required
in order to ensure that the risk management profile of the
institution is adequately managed.
Ensuring that the right infrastructure exists to provide the
necessary support to those involved in risk management as
well as ensuring that any legislative reporting is adhered to.
Job incumbent is expected to work collaboratively with all
stakeholders and assist them in putting together their
risk management profile. Job incumbent needs to be
supportive and constructive in his/her approach. Job
incumbent is expected to develop good working
relationships with all stakeholders.
Job incumbent is responsible for assisting those
responsible for risk management in identifying any
training that may be required and/or support in areas
that require attention.
Barriers to risk management are actively identified and
proactively tackled in a tactful but assertive manner.
Consideration is given to the context and culture of the
section/department/division and University and if
necessary change is required, this is addressed using
sound change management principles. Where there is
resistance from management to risk
management/control, there is an appreciation of the
manager’s perspective .. The job incumbent is mindful of
other pressures and will actively champion solutions and
interventions that assist in ensuring that risk is managed
effectively and within other constraints faced by the
person responsible for risk.
4
DIRECT CONTACTS OF THE JOBHOLDER (INTERNAL AND EXTERNAL)
]
INTERNAL CONTACT:
TYPE OF CONTACT
DAILY/MONTHLY
ANNUAL
PURPOSE OF CONTACT
Daily/Monthly/Annually
Risk Management ongoing tasks.
Daily/Weekly/Monthly
Quarterly
Quarterly
Weekly/Monthly
When warranted, as
required by the VC
When warranted
Reporting line
Functional matters
Functional matters
Observer Status.
TYPE OF CONTACT
DAILY/MONTHLY
ANNUAL
PURPOSE OF CONTACT
1) Internal & External auditors
Weekly/Monthly
Discussions on work plans; Assessment of Risk areas;
Knowledge update; Audit programmes; advice etc.
2) Institute of Risk management.
Monthly
Membership; Updates; advice etc.
3) Conferences, workshops and/or meetings.
Monthly
Knowledge updates. Acquire new skills.
4) Banks, lawyers, government agencies, business
markets and the like.
Weekly/Monthly
Update knowledge and information base.
1) The job will impact on the University as a whole,
inclusive of all heads of divisions and
departments, as it is intended to provide
assurances regarding compliance with controls in
the entire organization.
2) Vice-Chancellor or his nominee
3) Risk Management Committee
4) Audit Committee
5) Management meetings (Inc.of Senate and Council)
5) Vice-Principal
6) Chairman of the Risk Management/Audit
Committees.
Confidential matters. Matters that would have a high
impact on the University.
EXTERNAL CONTACT:
JOB REQUIREMENTS
EDUCATION AN D EXPERIENCE
Matric plus an Honours Degree (i.e. a 4 year degree) with Accounting and Auditing as majors (with risk management studies being a
distinct advantage) PLUS 8 year’s relevant experience (preferably including articles with an accounting firm) OR be a Chartered
Accountant PLUS 5 years relevant experience.
Experience to be at a senior/supervisory level and to include: Previous 3 years in risk management
Systems design and control training
Project management
Experience within Higher Education will be an advantage but not essential.
COMPETENCIES ( I.E. KNOWLEDGE, SKILLS AND ATTRIBUTES)
RISK MANAGEMENT COMPETENCIES

Superior understanding of integrated risk management (IRM) principles and practice. E.g. Corporate Governance (King 11)
COSO, IRMSA code of practice, and their incorporation into business processes

Good understanding of control design, effectiveness and implementation.

Detailed knowledge and understanding of risk management practices and operational risk framework.

Working knowledge of risk management/policy and strategy development and implementation

An understanding of accounting systems and practices.

Logical thinker with the ability to brainstorm and analyse information.

Ability to design and implement risk reporting systems

Must have the ability to be able to structure information in a way that will empower others to act.

Must be able to design processes and procedures that are logical and that support the ultimate goals and objectives of risk
management

Ability to integrate risk management with other governance structures and processes (ethics, audit, secretariat, legal,
environment, sustainability, health and safety )

Strong business and commercial acumen

Outstanding financial and analytical skills

Excellent communication skills both written and verbal in English. Must be able to demonstrate an effective presentation style
that is able to present ideas and concepts aimed at persuading and facilitating change

The ability to communicate in another official language will be an advantage.

Proven experience in project/program/change management disciplines to support design thinking and implementation.

Must be curious and have an investigative mind

Ability to understand, analyse and integrate a broad range of information

Audit, business and project management skills
MANAGERIAL COMPETENCIES:
5









Ability to think strategically, creatively and laterally
Problem-solving skills: logical and analytical
People management skills with a collaborative approach
Decision-making skills, able to be objective, flexible but decisive
Must have strong budgeting skills and sound business acumen
Must be able to work independently with little or no supervision
Good negotiation and facilitation skills
Experience of operating in a committee environment where excellent report and presentations are essential.
Ability to confidently challenge management
PEOPLE COMPETENCIES:

Excellent interpersonal skills with an ability to relate to staff at different occupational levels as well as from different cultures
and backgrounds

High level of self-awareness, is committed to own development

Able to gain the trust of others, able to keep confidences

Networking skills, able to persuade and convince others

Must have the ability to manage conflict effectively

Integrity must be without question

Customer-focused with the ability to communicate at top management level internally and externally
ADMINISTRATION/TECHNICAL SKILLS/COMMUNICATION SKILLS

Sound Computer literacy: able to work with a word processor (as per unit standard 117924), spreadsheets (as per unit
standard 116940), the internet/web browsing skills (as per unit standard 116931), a presentation package (as per unit
standard 116930) and electronic mail (as per unit standard 116935)

Critical administrative skills include good organisational and planning skills as well as problem-solving and time-management
skills are necessary. Attention to detail is important.

An excellent ability to communicate in English is essential as are sound presentation skills. The ability to communicate in
another official language will be an advantage.
WORK BEHAVIOURS

Customer service ethic with a track record of good customer service and continuous improvement

Able to work independently as well as a member of a team

Actively seeks feedback, able to withstand criticism and use constructive criticism to improve

Extremely professional with high personal standards, able to produce work of a superior quality

Shows initiative

Able to manage multiple demands and work under pressure. Must have perseverance.

Should be results driven

Integrity should be beyond question
MANAGEMENT/SUPERVISORY DUTIES
Yes
NUMBER OF SUBORDINATES
One
TYPICAL DEVELOPMENT PATH
This person is likely to have come from either the risk management field or from within Finance and Administration. From this position
the job incumbent may move into other senior administrative and/or academic positions provided he/she has the qualifications
necessary. Career progression is dependant upon the availability of posts and the job incumbent doing a good job in her/her current
job.
FUNCTIONAL RESPONSIBILITIES (only if applicable)
PROJECT MANAGEMENT AND PROCESS MANAGEMENT RESPONSIBILITY
To start with: the development of the risk control section. That is the drawing up of the code of ethics, the charter, the job profiles, the
strategic review plan, the annual review plan as well as the field plans.
The functional responsibilities will be determined according to work programmes, developed in conjunction with the VC, the internal &
external auditors, the risk management committee and the audit committee.
COST/FINANCIAL CONTROL
The job incumbent would not have any direct responsibility for cost control. However, by recommending improved risk management
processes, the related costs of the university should be minimized.
6
Presently a budget for Risk Control has not been established, however this function should be considered within the budgetary process.
LEVEL OF RESPONSIBILITY
Who must authorize, review or clear decisions taken with regard to the jobholder’s functions?
The VC or his nominee
What percentage of tasks can be carried out without supervisory input and/ or control?
85-90%
What critical decisions are the jobholder normally authorized and empowered to make?
Within the boundaries of the agreed Riks Management strategy and direction from the VC or his nomineed, the relevant Audit/Risk
Committees and the stakeholders involved in managing risk for their respective areas.
PLANNING
(i)
What is the longest (macro) period that the jobholder has to plan ahead?
1 to 3 years
(ii)
Typically how long are the micro phases/time periods that the macro planning is divided into?
3 to 6 months
PROFILE PREPARED BY:
Robertson
Len Kruiskamp in consultation with the Vice-Chancellor and Susan
INITIALS AND SURNAME:
L. KRUISKAMP
SIGNATURE:
________________________________
Date:
August 2007
PROFILE APPROVED BY: (Direct manager / First level of Reporting)
INITIALS AND SURNAME:
________________________________
SIGNATURE:
________________________________
Date:
________________________________