Develop and maintain IT policies, standards, and procedures according to applicable internal and external requirements, including the applicable regulations in Indonesia (POJK, PBI)
Coordinate with the Compliance team to perform gap assessment. Recommend appropriate measures to mitigate risks.
Ensure that every initiative, development, and collaboration complies with the standards and regulations (internal and external)
Develop and implement the RBAC and least privilege of access management
Assess the effectiveness of IT controls, policies, and procedures in place to safeguard information assets, ensure data integrity, and maintain system availability
Coordinate with the related IT work units to follow up on data requests and the implementation of audit recommendations (internal audit, external audit, and regulator)
Continuously update and implement the internal control framework, policies, and procedures to strengthen the organization's IT governance according to IT General Control, IT Application control, ISO 27001, PCI DSS, and other industry best practices
Socialization and regular awareness to ensure IT policy, procedures, guidelines, and standards are implemented in the day-to-day operations