Director, Enterprise Risk Management

ESSENTIAL DUTIES AND RESPONSIBILITIES:

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Risk Identification:

• Conduct regular risk assessments to identify potential risks across all organizational areas, including operational, financial, legal, information technology, HR, reputational, program delivery, and compliance risks. • Engage with staff at all levels to gather input on potential risks and concerns. • Monitor industry trends and regulatory changes to identify emerging risks.

Risk Analysis:

• Evaluate the likelihood and potential impact of identified risks to prioritize them. • Develop risk mitigation strategies and action plans for addressing key risks. • Conduct a cost-benefit analysis of risk mitigation options.

Risk Mitigation:

• Implement risk mitigation strategies and monitor their effectiveness. • Collaborate with department leads to embed risk management practices into daily operations. • Ensure appropriate insurance coverage is in place to address key risks.

Reporting and Communication:

• Prepare regular risk reports for the President & CEO and other senior leadership. • As necessary, brief the Audit and Risk Committee and the Board of Directors, highlighting key risks and mitigation plans. • Communicate risk management policies and procedures to staff at all levels. • Facilitate open communication about risk management within the

Compliance and Governance:

• Ensure compliance with relevant laws, regulations, and ethical standards related to risk management. • Develop and maintain a comprehensive risk management framework aligned with the organization's strategic goals. • Monitor and update risk management policies and procedures as needed.

Business Continuity Management:

• Develop, maintain, and implement business continuity and disaster recovery strategies for the organization. • Develop contingency plans to deal with organizational emergencies. • Conduct business impact analysis for all the functions of the organization. • Plan, conduct, and debrief regular mock-crisis management exercises to test the adequacy of existing plans and strategies, updating procedures and plans regularly. • Coordinate the crisis management committee.

Security Management

• Develop and implement a security strategy and supporting security procedures and guidelines, including staff training and awareness. • Assists in the response to crisis events and security incidents. • Act as the contact person on all security matters from security service providers. • Identify and promote security best practices. • Identify and monitor trends of security incidents affecting personnel and assets. • Review proposed staff travel, make security recommendations, and ensure staff have the necessary information and are prepared for any risks. • Ensure lessons are learned and disseminated from the pattern of security incidents.

Required Skills

• Strong understanding of non-profit operations and challenges. • Experience in risk management methodologies and frameworks. • Excellent analytical and problem-solving skills. • Effective communication and presentation skills to engage stakeholders at all levels. • Ability to work independently and collaboratively within a team. • Familiarity with relevant legal and regulatory requirements for international relief and development NGOs.

EDUCATION:

• Bachelor’s Degree in finance, business administration , economics or related field. • Master's degree in business administration (MBA) focusing on risk management or a related field is preferred.

EXPERIENCE: • Significant experience (5 to 7 years) in risk management roles within an organization, preferably in the international NGO sector. • Proven track record of identifying, assessing, and mitigating complex risks across different areas of an NGO's operations, including compliance, legal, travel, and security. • Experience collaborating across teams on projects related to risk management.

Technical Skills

• Expertise in risk assessment methodologies, including quantitative and qualitative techniques. • Proficiency in data analysis and reporting to effectively communicate risk insights to stakeholders. • Understanding of relevant compliance regulations, legal issues, and industry standards applicable to NGOs. Soft Skills • Excellent communication and presentation skills to articulate complex risk issues to senior leadership and diverse audiences. • Strong interpersonal and collaboration skills to build relationships with various departments within the NGO. • Ability to influence decision-making and advocate for proactive risk mitigation strategies. Specific NGO Knowledge • Deep understanding of the unique challenges and risks faced by NGOs operating in different geographic regions and program areas. • Familiarity with travel and security risks associated with international NGOs. • Awareness of government regulations and compliance requirements relevant to international NGO risk management.

Relevant Certifications • Certified Risk Management Professional (CRMP), Certified Internal Auditor (CIA), and Professional Risk Manager (PRM). OTHER REQUIREMENTS: • May be required to work long hours and a varied schedule including evenings and weekends, as well as travel on occasion.