Manager Risk and Controls, Automated Assurance

See yourself in our team:

The Commonwealth Bank of Australia (Bank) is Australia's leading provider of integrated financial services. They are committed to continuously improving governance practices and ensuring that they are aligned with business, stakeholders and customers' needs.

Group Audit and Assurance (GA&A) are the internal audit function for the Group. Their primary purpose is to provide independent and objective assurance of the effectiveness of the Groups risk management, controls and governance processes.

As digital technology disrupts and transforms entire industries and ways of working, GA&A is committed to keeping pace and continually reimagining themselves with the latest global best technology and innovation. Evolving customer expectations, competitive threats and pace of change require GA&A to support the business with new insights and risk coverage that puts customers first and to continue to provide insightful assurance to the Board.

GA&A is increasingly embedding digital assurance into audit activities, injecting Artificial Intelligence (AI) into routine control testing and using digital tools to improve the overall experience for employees.

Do work that matters:

You will be part of our 3LOA Automated Assurance Program that is scaling the automation of controls assurance across the Group to improve the quality and depth of control testing to a common and high standard – "build once, use by all'. Through continuous, data-driven automated assurance, the Three Lines can move to more real-time and continuous monitoring of the control environment, and more timely, targeted remediation.

You will support 3LoA Program Lead and Product Owners applying Organisational Risk Management Framework (ORMF), Change Management Risk Standard (CMRS) and Risk in Change (RiC) frameworks and support 3LoA Program Lead and Product Owners in performing Risk Assessments, Privacy Impact Assessments etc

Key responsibilities for this role includes:

• Support 3LoA Automated Assurance Program Lead and Product Owners applying Organisational Risk Management Framework (ORMF), Change Management Risk Standard (CMRS) and Risk in Change (RiC) frameworks.
• Support 3LoA Program Lead and Product Owners in performing Risk Assessments, Privacy Impact Assessments etc
• Prepare risk reports for accountable owners, governing forums and committees, to create transparency of risk outcomes.
• Identify and contribute to enhancing the design and resiliency of business processes and compliance.
• Ensuring RiskInSite is accurate and up to date

• Conduct timely L1 risk activities:

• Maintain 3LOA Risk Assessment

• Assist CAP Testing
• Assist Risk Control Self Assessments and Compliance Self-Assessments
• Incident and Issue Management
• 1LOA Risk Reporting
• Conduct risk related induction training.

We're interested in hearing from people who have:

• Experience in Operational Risk Management (Risk Profiles, Compliance, Controls, Issues and Incidents), Risk in Change and/or CMRS experience (Change Management Risk), with a good understanding of risk and control frameworks including Data Loss Prevention, Conflict of Interest, CAP Testing, Risk Control Self Assessments.
• Exposure to AI, Data, Model, Technology Risks
• Experience being part of a technology delivery either as a team member or risk manager
• Highly motivated and inquisitive risk professional who is eager to apply innovative solutions to complex risk challenges.
• Effective communicators, capable of leading meetings with senior stakeholders across the organisation and fostering strong connections within our data and risk community. The ability to influence stakeholders and independently resolve roadblocks to reach a common goal.
• Powerful sense of self-awareness, the ability to show empathy and be diplomatic.
• Insight – ability to read situations and exercise good judgment.
• Well versed in persuasion and influencing skills, with the ability to effectively guide and shape discussions and outcomes.
• Dedicated to continuous improvement, open to both giving and receiving constructive feedback to enhance personal and team performance.

If this sounds like the role for you then we would love to hear from you. Apply today

We support our people with the flexibility to balance where work is done with at least half their time each month connecting in office. We also have many other flexible working options available including changing start and finish times, part-time arrangements and job share to name a few. Talk to us about how these arrangements might work in the role you're interested in.

If you're already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you'll need to apply through Sidekick to submit a valid application. We're keen to support you with the next step in your career.

We're aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on

Advertising End Date: 05/10/2025