Risk And Compliance Manager

Key Responsibilities: • Identify and assess operational, regulatory, and compliance risks across business units. Maintain and update the organizations risk register with detailed mitigation plans. Perform risk control self-assessments to evaluate effectiveness of current controls. Develop Key Risk Indicators and monitor trends to provide early warning of potential issues. Prepare and present risk assessment reports to management and compliance leadership. Ensure alignment of organizational practices with regulatory, contractual, and internal compliance requirements. Monitor changes in legal, regulatory, and contractual obligations and update policies accordingly. Conduct compliance gap analyses and support remediation efforts. Design and implement internal audits and control testing to assess compliance status and readiness. Maintain accurate, version-controlled documentation of all compliance-related policies and SOPs. Use principles from CMMI to enhance governance processes and standardize controls. Ensure that risk and compliance activities are integrated into quality management systems. Collaborate with process owners to define and improve processes that align with CMMI maturity models and compliance standards. Support process audits and evidence collection for periodic CMMI and other certifications. Conduct training programs on compliance obligations and risk awareness for business units. Serve as a liaison between internal teams, external auditors, and regulatory bodies. Assist in incident management and root cause analysis related to compliance breaches or operational failures. Generate dashboards and management reports for audit readiness, risk levels, and compliance KPIs. Preferred Certifications: • Certified Risk and Compliance Management Professional (CRCMP), CRISC, or equivalent. ISO 27001 Lead Implementer/Auditor (optional but beneficial). Knowledge of CMMI-DEV or CMMI-SVC frameworks.