The team is taking an active part in testing ING's IT key controls to ensure compliance with the Minimum Standards covered by the Non-Financial Risk Framework.
The team checks whether controls are working effectively to mitigate IT Risk to an acceptable level (within the Bank's risk appetite).
Key Responsibilities
Execute Test of Effectiveness on IT key controls (ITGC's) by comparing the delivered evidence to the required evidence according to the test script
Come to a conclusion Effective/Ineffective test and make the required registration to the DEVOPS teams, Trackers, iRisk, etc.
Give input to the Subject Matter Experts (SME) for the evaluation of Ineffective test results to determine deficiencies on a regular time interval basis (formal sign-offs)
Come up with improvements on the way of testing, required evidence, work-instructions, automation, test scripts, (improvement cycle coordinated by SME)
