Job Title: Head of Risk, Compliance and Audit
Duration: Permanent
Job Type: Full-time
Location: Darwin NT | Remote location considered
About NTAIC: www.ntaic.org.au
About – Northern Territory Aboriginal Investment Corporation (NTAIC)
NTAIC is a new corporate Commonwealth entity, established under the Aboriginal Land Rights Act (Northern Territory) 1976, and designed in partnership with Aboriginal Territorians. Our purpose is to work with Aboriginal Territorians to achieve economic, social and cultural impact through innovative approaches to investments, beneficial payments and other financial assistance. To support this, we have initial capital of ~$680 million. Our Aboriginal-controlled Board share a vision of self- determination, with Aboriginal Territorians at the centre of NTAIC's work.
NTAIC operates a three lines of defence risk management model. This position is a second line of defence role and supports management to help ensure risk and controls are effectively managed. Specifically:
Position Purpose:
The role is responsible for:
- Line 2 Risk Management.
- Line 2 Compliance.
- Line 2 Fraud & Corruption Control and Investigations.
- Line 2 Business Continuity including ICT disaster recovery.
- Line 3 Internal Audit (active management of outsourced internal audit).
To ensure there is appropriate independence from management, the reporting line for the role is:
Line 2 Assurance – Functional and administrative reporting to the Chief Operating Officer.
Line 3 Assurance – Functional reporting for internal audit operations to the Audit and Risk Committee via the chair, with administrative reporting to the Chief Executive Officer (CEO).
Appropriate safeguards are included in the Internal Audit Charter to separate Line 2 and Line 3 responsibilities and maintain internal audit independence from management.
The role will work closely with Executive Management and the Audit and Risk Committee toupdate, maintain and continuously improve the NTAIC governance and assurance environment.
Position Responsibilities and Key Duties include:
- Line 2 Risk Management
- Update and maintain a best-in-class risk management framework (RMF) with regard to the Commonwealth Risk Management Policy 2023..
- Conduct risk management training to raise awareness.
- Risk management reporting to Executive Management and the Audit and Risk Committee.
- Line 2 Compliance
- Update and maintain a fit-for-purpose legislative and regulatory compliance program.
- Update and maintain a policy compliance program.
- Conduct compliance training to raise awareness.
- Compliance reporting to Executive Management and the Audit and Risk Committee.
- Line 2 Fraud & Corruption Control and Investigations.
- Update and maintain a contemporary fraud & corruption control program under the NTAIC RMF.
- Conduct fraud & corruption control training to raise awareness.
- Investigate allegations of misconduct,fraud & corruption.
- Update and maintain a confidential whistleblowing mechanism.
- Fraud & corruption reporting to Executive Management and the Audit and Risk Committee
- Line 2 Business Continuity
- Update and maintain a practical business continuity program including effective ICT disaster recovery processes.
- Update and maintain emergency plans for each of NTAIC’s premises, ensure staff are trained for emergency responses including evacuations.
- Conduct business continuity training to raise awareness.
- Ensure regular business continuity and ICT disaster recovery testing is conducted.
- Business continuity reporting to Executive Management and the Audit and Risk Committee.
- Line 3 Internal Audit (active management of outsourced internal audit)
- Actively manage the outsourced internal audit service provider to their approved strategic internal audit plan. Agree any management initiated reviews with CEO and ARC Chair prior to commencement.
- Monitor management audit actions to ensure timely implementation.
- Internal audit reporting to the Audit and Risk Committee.
Attributes required to effectively perform this role:
Knowledge /Skills / Experience
- Advanced knowledge / skills / experience in governance and assurance including:
- Line 2 Risk Management (expert).
- Line 2 Compliance (competent).
- Line 2 Fraud and Corruption Control and Investigations (competent).
- Line 2 Business Continuity including ICT disaster recovery (competent).
- Line 3 Internal Audit (competent).
- Minimum 10 years of experience in the expert categories / similar roles.
- Experience in public accountability and reporting is desirable, particularly under the ‘Public Governance, Performance and Accountability Act’ (PGPA) or equivalent legislation.
Qualifications
- Relevant undergraduate qualifications.
- Relevant postgraduate qualifications will be well-regarded.
- Appropriate professional certification such as Certified Internal Auditor (CIA) / Certification in Risk Management Assurance (CRMA) / Certified Practising Risk Manager (CPRM) / Certified Chief Risk Officer (CCRO).
Abilities
- Passion and commitment to working with Aboriginal people and communities to achieve self-determination.
- Demonstrated cultural capability including a respect for diversity and ability to communicate sensitively with Aboriginal and Torres Strait Islander peoples.
- Excellent interpersonal skills and ability to develop positive working relationships at all levels of an organisation from the Board down.
- Analytical, risk-based and practical problem solving ability.
- Excellent verbal and written communication skills.
- Ability to multi-task and prioritise issues from a risk-based, business and strategic perspective.
- Ability to help facilitate and contribute to a learning and compliance culture .
- A growth mindset for continuous improvement and supporting innovation.
- Ability to produce high quality insightful reports for Executive leadership, the Board, Audit and Risk Committee and stakeholders.