Delivery and Operational Risk Business Partner

Delivery and Operational Risk Business Partner **Role Purpose** The Delivery \& Operational Risk Business Partner provides dedicated Second Line of Defense oversight and advisory support to the central delivery function and the broader operations community. The role ensures the Risk Management Framework is effectively applied, drives consistency in risk identification and control design, and supports senior leaders with pragmatic, timely risk advice across delivery and operational priorities. To ensure clear accountabilities, the role differentiates between: * **Delivery Risk Business Partner:** Focuses on risks across the end\-to\-end delivery lifecycle. Sets standards, coordinates group\-wide priorities, and consolidates insights in support of the Group Head of Delivery. Provides second\-line challenge on delivery plans, standards, and reporting; coordinates the global community of regional delivery risk business partners and supports delivery forums and roadmap execution. * **Operational Risk Business Partner:** Provides Group\-level second\-line oversight for business\-as\-usual operational risk and control effectiveness. Sets standards, coordinates group\-wide priorities, and consolidates insights in support of the Group Head of Operations. Works in partnership with local/regional Operational Risk Managers who own day\-to\-day operational risk management. Provides second\-line review and challenge of operational risk assessments, issue management, and remediation; supports reporting and audit engagement; and ensures alignment to Group policies and standards. This is a senior role requiring strong delivery domain and operations knowledge, the ability to operate as a trusted adviser to senior delivery leaders, and the capacity to drive consistency and quality across a globally dispersed team of risk professionals. **Key Responsibilities** **Governance \& global coordination** * Chair and manage the monthly Global Delivery Risk Business Partners Forum; set the agenda, manage the attendee list, facilitate knowledge sharing, and support global coordination. * Develop and maintain terms of reference for the Delivery Risk BP Forum. * Partner with regional delivery risk business partners to ensure cohesive, consistent risk management practices across all regions. * Maintain operational risk governance touchpoints with Operations leadership to ensure consistent second\-line engagement, timely decisions, and clear escalation paths. * Coordinate knowledge sharing across the Operations risk community to drive consistent approaches to BAU process, service, and resilience risks. **Risk framework oversight \& reporting** * Ensure effective and consistent application of the Group Risk Management Framework across the delivery function. * Provide the delivery function’s contribution to the GERC: obtain the delivery team update, review CARs, and produce second\-line commentary. * Provide second\-line oversight and challenge of operational risk assessments and control effectiveness across key BAU processes, services, and dependencies. * Support the RCSA review and attestation cycle, including guidance on assessment quality, review and challenge of submissions, and escalation of material gaps, emerging themes, and overdue actions. * Develop and review delivery and operational risk reporting, escalate material concerns, and ensure alignment to Group risk appetite and governance expectations. * Provide second\-line challenge for operational issue management, including linkage to incidents and problem management, root\-cause themes, action quality, and the timely closure of remediation. **Strategic initiatives \& continuous improvement** * Coordinate the Group Delivery risk roadmap: facilitate reprioritization sessions; support the delivery team to execute roadmap items, including Jira workflow improvements and global delivery risk framework development. * Coordinate the operational risk and controls improvement roadmap for Operations, with prioritized initiatives and tracked outcomes. * Drive continuous improvement by translating audit outcomes, control testing insights, delivery retrospectives, and operational incidents into practical updates to standards, guidance, and training materials. **Advisory, audit \& subject matter expertise** * Provide ad hoc risk advisory support to the central delivery team on risk\-related queries and issues. * Act as risk adviser on delivery\-related audits: review and agree scope and content; support the delivery team to close out audit actions. * Provide subject matter expertise on delivery risk wherever required, including taxonomy development, issue management, and cross\-functional business matters with a delivery dimension. * Provide operational risk advisory support to Operations leaders on BAU risk decisions, offering pragmatic second\-line challenge. * Challenge the design and operation of key operational controls, including control evidence expectations, monitoring routines, and the quality of testing/assurance performed by the first line. * Support and provide second\-line challenge on material operational incidents, including review of root cause analysis, control breakdowns, customer impact, and the robustness of preventative actions. **Key Deliverables** * A consistently run global governance cadence with clear agendas, actions, and follow\-up across delivery and operations. * Timely, high\-quality delivery and operational risk inputs to GERC, with clear second\-line commentary and supporting evidence. * An effective RCSA review and attestation cycle for relevant Operations areas, with documented guidance, second\-line review/challenge, and escalated themes and overdue actions. * A consolidated view of key delivery and operational risks, with thematic insights and clear escalation of material concerns. * Progress against agreed improvement roadmaps (delivery risk and operational controls), with prioritized initiatives, defined outcomes, and tracked milestones. * Audit\- and incident\-ready materials, including clear ownership of actions, robust remediation plans, and evidence of sustainable control improvements arising from audits, testing, and post\-incident reviews. **Interaction with Regional and Local CROs and stakeholders** * Group Delivery leadership team: provide second\-line advice and challenge on delivery strategy, material risks, delivery performance themes, and key decisions/escalations. * Regional Delivery Risk Business Partners (global): set expectations and shared standards, coordinate forums and knowledge sharing, and consolidate regional insights/escalations into a coherent Group view. * Group Chief Risk Officer: provide regular updates on delivery and operational risk profile, emerging themes, material incidents/issues, and key governance outcomes requiring CRO awareness or decision. * Internal Audit function: support audit planning and scoping for delivery/operations topics, provide risk input on findings, and monitor/advise on the closure of agreed actions. * Group Risk team colleagues: align to Group policies and governance expectations, contribute to thematic risk work, and coordinate inputs to Group\-level reporting and assurance activities. * GERC contributors and coordinators: coordinate inputs, timelines, and supporting evidence; review CARs and provide clear second\-line commentary on delivery and operational risk updates. ### **Culture and Capability** * Support risk awareness and training by coordinating the annual plan, maintaining core materials, and tracking completion/attestation where required. * Contribute to…