Sr TM Enterprise Risk Management

1) Job Purpose (Please write 2-3 sentences) Doing Business is all about taking Risk for better Returns. Hence managing risks proactively is a must for future proofing of businesses and survive in a dynamic business environment. Risk exists in every business activity. Hence every manager is a Risk Manager. The job purpose is to institutionalize a robust Risk Management Process instill a culture of risk-enabled decision-making and performance management across business including operations( Belagavi) projects marketing supply chain finance HR Legal Sustainability etc. through Enterprise Risk Management (ERM) which is a structured and disciplined approach that aligns short-term objectives long-term strategies process people technology and knowledge with the purpose of identifying evaluating and ultimately managing the uncertainties that the organization faces as it creates value. Even with a robust Risk management disruptive events can occur which can turn into a crisis. Hence the Business also need to build Resilience to survive and thrive. Hence need to develop and sustain a Crisis Management Framework to respond to such crisis. While responding to a crisis the Company also should have capability to continue or immediately resume performing its critical business functions through Business Continuity Plans. While managing the known risk capability should be built to lo see beyond horizon to identify the Unknown and Emerging risks.

4) Key Result Areas/Accountabilities (min 4 pointers to max 10 pointers of KRA) Key Result Areas/Accountabilities Supporting Actions 1. ERM Framework Implementation: Implementation of Risk Management Process at all levels across the Belagavi Refinery and Corporate functions. Risk identification assessment-prioritization-mitigation monitoring and reporting Continuous implementation of ERM 6 step Process o Risk identification techniques o Risk assessment tools o Risk Prioritization o Mapping of Controls and identifying Response strategies o Tracking & monitoring of Risk & Mitigation o Review & reporting o Supplement identification by analyzing industry trends and emerging issues Ensuring Risk criterion followed (Appetite /Tolerance /Risk limits) for Risk Assessments Benchmarking and study of best practices across industry Facilitate Risk register updation at a defined frequency Collaborate with various assurance functions like Compliance Audit Legal Safety Quality etc. to improve internal practices Facilitate continuous Risk Identification Regular Loss event capturing and analysis Continuous capturing of Near Miss events Risk assessment of Annual business plans 2. Risk Culture Building: Risk culture ensures that Business decisions are made to optimize stakeholder value through addressing risk and leveraging opportunities Training of Risk Owners to make them Risk Intelligent Managers. o Build a Risk Mindset o Aware about known risks o Skill to identify unknown risks Integrate ERM with decision making and performance management o Risk Enabled Decision making o Risk Enabled performance management Establish lines of communication for risk information sharing ERM Newsletters Awareness campaign Periodic Knowledge sessions for risk community Job Description 4 Page Job Description Report Work with Risk leaders Risk champions Risk coordinators to drive the culture 3. ERM Governance: Establishing/Ensuring continuous Monitoring & Reporting Ensure regular Risk reviews at business and unit/function levels Facilitate in identifying accurate lead and lag indicators to track mitigation Guiding all users for using the ERM tool and ensuring regular updation Periodic Risk reporting highlighting progress and exception Assist ERM head to standardize reporting and to create a repository for Risk Mgmt. knowledge. Periodical Risk Maturity assessment 4. Emerging Risk Identification & Third-Party Risk management Regular Horizon/Global scanning to identify emerging risks for short medium and long term Scenario analysis to identify unknown risks Identify source of Third-Party risks Implement Third party risk management framework Continuous monitoring and reporting of third-party risks 5. Crisis Management Implementation of Crisis Management Framework regular review and update and thereafter ensuring continuous adherence for existing and new plants Crisis management approach alignment with ISO 22361 Continuous strengthening of identified crisis action plans governance/crisis team structure and responsibility mapping Ensuring Mock drills conduct periodically: implementation of gaps identified during mock drills Facilitate in periodic benchmarking with internal plants and similar industry for best practices Continuous scan the global environment and capture crisis events and map action plans Custodian for Knowledge repository 6. Business Continuity Management (BCM) Development of Business Impact Assessment Threat assessment Mitigation actions Maximum allowable outage Recovery time objectives for existing and new plants Job Description 5 Page Job Description Report Facilitate in building the overall BCM document in line with ISO22301 Continuous tracking and monitoring of action plans identified in BCM document Periodic effectiveness checking of BCM Facilitate in periodic review of respective BCM document with stakeholders Continuous updation of BCM document wrt to new derailers changing global environment etc. Continuous training & awareness on BCM concepts Custodian for Knowledge repository 7. Capex Project Risk Management (Pre-Approval and Post-Approval) Identify Risks to the Assumption at the capex proposal stage Facilitating Project Risk Management post approval o Implement ERM process Identification to mitigation plans o Establishing Project Risk governance mechanism o Facilitating Project Risk reporting o Facilitating Risks coordination between cross functional teams Keeping knowledge repository for Project risk management learning post completion of projects 8. Other Engagements: Insurance Team: Support to rationalize insurance covers and premium based on risk assessment controls and mitigation Consultants Facilitate mapping Risk mgmt. maturity with the help of assessing agencies and initiate improvements by acquiring Management consent Customers Vendor Partners Auditors Investors Rating agencies: Participate in interactions with investors customers regulators supplier partners auditors rating agencies relation to companys Risk Mgmt. practices and capabilities Assist in obtaining industry accreditations Peer Industry Collaborate with Risk Mgmt. teams of other leading organizations to stay ahead of the curve.

Required Experience:

Director