IT Risk – HI, Shadow IT, Risk Cards

About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24×7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions.

About BNP Paribas Group:

 BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group’s performance and stability

Commitment to Diversity and Inclusion

At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.

About Business line/Function:

BNP Paribas Leasing Solutions (BPLS) is a brand of the BNP Paribas Group specializing in leasing financing solutions for equipment for professionals and businesses. At BPLS, we offer capital efficient business equipment financing solutions in key sectors including agriculture, construction, transportation, materials handling, ICT, healthcare, and green tech. Our routes to market include direct, via manufacturers and resellers, as well as the commercial and personal banking network of BNP Paribas. 

Drawing on our proud 70-year history, our partners and clients rely on our market expertise, asset know-how and advisory services to propel their growth, transformation & transition to a low carbon circular economy. 

We are present in 17 countries across Europe and Türkiye, employing over 3,700 experts. We also offer vendor finance solutions in the USA and Canada in partnership with Bank of Montreal, and in China through Jiangsu Financial Leasing.

In 2022, we advanced over 14€ billion in asset finance and presently manage a 38€ billion leased assets portfolio. 

BNP Paribas Leasing Solutions is fully owned by BNP Paribas and is positioned within the Group’s Commercial, Personal Banking & Services (CPBS) division.

Job Title:

IT Risk 

Date:

Department:

ITG Intl – CPBS 

Location:

Chennai

Business Line / Function:

IT Risks, I.T. RISK MANAGEMENT

Reports to:

(Direct)

BPLS ISPL manager

Grade: 

(if applicable)

(Functional)

BPLS manager

Number of Direct Reports:

1 (BNPP LS)

Directorship / Registration:

NA

Position Purpose

IT Risks, ITRM is the 1loD (1st line of defence) in terms of IT Risk cards management, Historical incidents and Shadow IT monitoring & management.

The IT Risks team oversees the declaration and management Historical incidents and operation incidents (IT). In this context, one of the main IT Risk activities is to declare and follow historical Incidents for the enterprise.

The role requires the accurate declaration, tracking, analysis & reporting of HI within the R360 tool. 

Once declared, HI should be analysed and validated with the relevant stakeholders as per the procedures. The Role also ensures data integrity and continuous improvement of HI process. 

2LOD is the 2nd line of defence under RISK’ responsibility and will challenge LOD1 on HI declaration.

Responsibilities

 

Direct Responsibilities

Historical Incidents:

·         Declare & record HI accurately in the R360 tool by ensuring compliance with internal policies, RISK framework and IT requirements across business lines & perimeters. 

·         Ensure completeness, consistency and quality of HI data throughout the lifecycle: 

o   Identify trends, 

o   recurring issues

o   Root causes

o   perform impact/consequences analysis. 

·         Maintain and update HI register based on the analysis, remediation actions, validations and timelines.

·         Produce regular & ad-Hoc reporting for management, audit and committees.

Shadow IT & IT Risk Management 

·         Identify and assess IT Risks across applications, infrastructure, projects, cloud, data and third-party services. Evaluate IT risks related to system changes, new initiatives and transformation programs.

·         Launch and monitor Shadow IT annual campaign and awareness sessions. 

·         Conduct Shadow IT interviews during the annual Shadow IT campaign and formalise the Shadow IT situations in SNOW. 

·         Perform risk assessments related to strategic initiatives, system transformation in line with the IT risk framework.

·         Monitor and update IT risk register ensuring accuracy, completeness and consistency.

·         Organise IT Risk review with the relevant stakeholders.

·         Support business and IT teams in defining pragmatic and effective risk remediation plans.

·         Prepare IT Risk reports, KPIs for senior management and Risk committees : prepare monthly follow up meeting with relevant stakeholders.

Contributing Responsibilities

Historical Incidents:

·         Contribute to the continuous improvement of HI process & tool.

·         Document procedures, best practices and Reporting template related to HI.

·         Strong analytical skills

·         High attention to detail and data accuracy

·         Ability to manage large volume of information

Shadow IT & IT Risk Management 

·         Provide guidance on IT risk methodology and GRC SNOW (ServiceNow) functionalities.

·         Contribute to the enhancement of IT risk frameworks, methodologies and SNOW tool.

Technical & Behavioral Competencies

·         Strong analytical skills

·         High attention to detail and data accuracy

·         Ability to manage large volume of information

Behavioral Competencies

·         Ability to collaborate with different teams 

·         Ability to challenge constructively

Specific Qualifications (if required)

·         Understanding and ability to function in an Agile framework

Skills Referential

Behavioural Skills: (Please select up to 4 skills)

Ability to collaborate / Teamwork

Attention to detail / rigor

Organizational skills

Ability to deliver / Results driven

Transversal Skills: (Please select up to 5 skills)

Analytical Ability

Ability to understand, explain and support change

Ability to develop and adapt a process 

Ability to develop and leverage networks

Ability to manage / facilitate a meeting, seminar, committee, training…

Education Level: 

 Bachelor Degree or equivalent

Experience Level

At least 5 years

Other/Specific Qualifications (if required)