Risk and Controls Manager

Ideas | People | Trust

We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world.

We work with the companies that are Britain's economic engine – ambitious, entrepreneurially-spirited, and high‐growth businesses that fuel the economy – and directly advise the owners and management teams leading them.

We'll broaden your horizons

The Quality and Risk Management Team (QRM) provides leadership, guidance, and tools to help partners and staff manage quality and risk matters. The team is comprised of an Advisory and Compliance Team, a Chief Information Security Office Team, an Economic Crime Team, a Legal Team including a Commercial & Contracts Team, an Ethics Team plus the Quality Monitoring Team. The team works closely with the firm's Technical Standards Group and the firm's leadership.

We'll help you succeed

Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships.

You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with.

Overview

BDO is seeking a Risk & Controls Manager to support the development and refinement of the Firm's Enterprise Risk Management (ERM) and Internal Controls frameworks. This internal-facing role is key to supporting the Firm's risk management systems and cultivating a pervasive culture of risk awareness throughout the organisation. The selected candidate will assist in shaping and integrating risk management policies into the core strategic decision-making processes and day-to-day operations of the Firm. This position offers substantial opportunities for professional development and strategic influence. The role promises significant engagement with BDO's Leadership Team and Management, providing a platform to drive change and influence.

Responsibilities

Risk Management Responsibilities:

• ERM Framework: Support the administration and facilitation of the ERM framework to align with the Firm's strategies and priorities, ensuring risk awareness and understanding at all levels.
• Risk Universe: Assist in continuously updating and refining the risk universe, maintaining comprehensive and appropriate risk topographies and classifications in accordance with recognised frameworks like COSO.
• Risk Management Policies: Assist in regularly reviewing and updating risk management policies to adapt to changing regulatory environments and business needs.
• Risk Assessment and Response: Collaborate with risk owners across the Firm to assess risks by evaluating impact, likelihood, velocity, and volatility. Work together to determine the most appropriate risk responses – avoid, reduce, transfer, or accept, ensuring that each response aligns with the firm's overall strategy and risk appetite/tolerance.
• Risk Appetite and Tolerance: Assist in regularly reviewing and adjusting the Firm's risk appetite and tolerance levels to ensure they are appropriate and adhered to, reflecting the Firm's strategic aims and regulatory landscape.
• Key Risk Indicators: Assist in developing key risk indicators to effectively monitor and communicate potential risks, enabling proactive management and strategic decision-making.
• Risk Management System (RHIZA): Assist in system administration of Rhiza which is used to facilitate the ERM processes and provide the data for risk reporting.
• Committees Administration: Support the coordination of all aspects of the Executive Risk Committee and the Partnership Council's Risk Subcommittee, including preparation of agendas, reporting packs, and minutes.
• Sustainability and CSR: Assist in integrating sustainability risks into the ERM framework, aligning with CSR goals and addressing ESG factors.
• Third-Party Risk: Support the development and oversight of a comprehensive third-party risk management program to identify, assess, and mitigate risks associated with external partners, including vendors, service providers, and strategic partners.
• Risk Culture: Assist in assessing and actively reporting on the Firm's risk culture, driving initiatives to embed a proactive risk management culture across the organisation.

Internal Controls Responsibilities:

• Internal Controls Framework: Support the maintenance of a comprehensive internal control framework that identifies and interlinks all control activities across the Firm.
• Determine the Firm's Key Controls: Assist in identifying and establishing key controls crucial for ensuring the Firm's operational integrity and compliance, safeguarding against potential risks.
• Controls Testing: Assist in designing and executing regular testing of internal controls to evaluate both their design and operational effectiveness, identifying areas for enhancement.
• Controls Self-Assessment: Assist in implementing and managing a robust internal controls self-assessment program that enables regular evaluation of internal controls across the Firm.
• Management Representation Letters: Assist in implementing and managing a process for management representation letters, allowing senior leaders to formally affirm the effectiveness and compliance of internal controls.
• Key Control Self-Certification: Assist in establishing a self-certification process for key controls, enabling responsible managers to attest to the efficacy and operational integrity of their specific control areas.

Other Responsibilities:

• Reporting and Dashboards: Assist in developing and maintaining detailed reporting and dashboard tools that integrate data from the internal controls framework, key controls status, controls testing, self-assessments, and certification processes along with key risk indicators, risk score trends, and risk status relative to the Firm's appetite and tolerances.
• Crisis Management: Support the Firm's crisis management processes, ensuring readiness and effective response strategies are in place to handle unexpected events.
• Business Continuity and Disaster Recovery: Support the development and maintenance of business continuity and disaster recovery frameworks and policies, ensuring the Firm's resilience in the face of disruptions.
• Transparency Report: Assist in drafting comprehensive sections of the transparency report related to internal controls and risk management, promoting transparency and accountability.
• Stakeholder Engagement and Management: Build and maintain strong relationships with internal stakeholders to ensure widespread support for ERM and internal controls initiatives.
• Performance Metrics: Assist in establishing and monitoring performance metrics for the function to evaluate its efficiency and effectiveness.
• Technology and Innovation: Support the use of advanced technology and innovative practices to enhance the effectiveness and efficiency of the Firm's ERM and Internal Controls frameworks.
• Training and Development: Assist in developing and leading training programs to enhance risks and controls awareness and compliance understanding at all levels.
• Regulatory Environment: Stay updated on new regulations and industry standards through regular attendance at seminars, workshops, and conferences.
• Intranet Site: Assist in managing and updating the Risk Management and Internal Controls intranet site dedicated to risk management and internal controls, providing accessible and current information to all employees.

Requirements:

• Some experience as outlined above in a regulated environment.
• Experience supporting an ERM and/or internal controls framework.
• A relevant qualification (ACA, ACCA, CIA, IRM).
• Demonstrated ability to work effectively with senior leaders.

You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to our business. We're committed to agile working, and we offer everyone the opportunity to work in ways that suit them, their teams, and the task at hand.

At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development.

We're in it together

Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work.

We know that collaboration is the key to creating value and satisfying experiences at work, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO.

We're looking forward to the future

At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions.

We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity, and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.

For further information, and to apply, please visit our website via the "Apply" button below.