1.

Duties for the post of Manager, Audit Risk

1
To assess the likelihood of the risks identified that could materialize and their impact.
2
To design and implement processes by which identified risks can be managed and mitigated.
3
To provide solutions how to reduce the incidence of the risk identified materializing.
4
To set up an effective risk management and control processes.
5
To provide assurance that the processes and key risks are being effectively managed.
6
To continuously develop policies and procedures on risk and control.
7 To quantify the cost of operating particular controls relative to the benefits obtained in managing the related risks.
8
To explore strategies to be adopted to reduce the incidence and impact on MPA of those risks that do
materialize.
9 To monitor the IT system and ensure that software implemented are reliable to provide relevant information to
Management for good decision making.
Information Security Officer Duties
10 To coordinate the development of MPA information security policies, standards and procedures
11
To work with key IT office, data custodians and governance groups in the development of such policies,
standards and procedures
12
To ensure that MPAs policies support compliance with external requirements
13 To oversee the dissemination of policies, standards and procedures.
14
To coordinate the development and delivery of an education and training programme on information security and
privacy matters for employees, and other authorized users.
15 To serve as MPA compliance officer with respect to information security policies and regulations.
16
To develop and implement an Incident Reporting and Response System to address security incidents (breaches)
and to respond to alleged policy violations, or complaints from external parties
17
To serve as the official contact point for information security, privacy and copyright infringement incidents,
including relationships with law enforcement entities
18
To develop and implement an ongoing risk assessment program targeting information security and privacy
matters
19 To recommend methods for vulnerability detection and remediation
20 To oversee vulnerability testing
21 To represent MPA on Information Security matters
22
To keep abreast of latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities
pertaining to the MPA and its mission
23 To participate actively in MPA Disaster Recovery Planning
24 To ensure that staff of the department are properly trained
25 To assist in the implementation of a performance management system
26 To be fully responsible and accountable in respect to successful implementation of projects falling under the
purview of the department and more specifically with respect to:
(i) timely completion of project;
(ii) adequacy in the fulfillment of the terms of contract;
(iii) monitoring and reviewing of Contractors Performance and Compliance;
(iv) periodic reporting with particular attention to identifying and addressing timely and appropriately any sub-
standard performance or deviation;
(v) monitoring of budget and actual costs of project and reporting of any variation.
27 To coach, guide and mentor all staff in his/her department
28 To play an active role in promoting safety and security at the MPA
29 To adhere to and promote MPAs corporate values
30 To contribute to the enhancement of the Port Environment