Risk in focus: Tracey Simmons | Senior Business Compliance Analyst | TLC Group
This new specialist Certificate, awarded by the IRM and developed with support from the WMG Cyber Security Centre at the University of Warwick and the University’s Department of Politics and International Studies, has been designed to equip individuals to apply and develop their skills in an increasingly digital world
Here we find out more from one of the students.
How did you get your job?
I am a seasoned senior business analyst who has worked on multiple projects in various industries over the years. More recently, I was involved in several phased regulatory compliance projects spanning over five years in the financial services sector. Risk impact analysis and risk tracking played a major role in the successful outcome of the projects. I took on a role at the same bank in the securities sector which involved completing risk assessments for institutional investors. I was responsible for assessing all the securities risk-based operations and activities and providing recommendations to implement controls and efficiencies.
What’s a typical day like as a business analyst?
Currently, my typical day as a senior business compliance analyst comprises of creating process flows. Reporting any risks and identifying any security gaps. Providing guidance and support, as necessary.
What do you enjoy most about your job?
I enjoy the challenge and working with a savvy team of compliance professionals. Explaining the importance of having updated risk awareness and strategic and operational controls in place.
What are the challenges?
The main challenge I face as a consultant is being able to convince the compliance team on the importance of risk management as they are keen to address the management of the day to day operations, but don't have the resources to manage the monitoring and review of risk management on a regular basis.
What would you say to others thinking about taking the digital certificate?
I haven't had anyone ask about this particular qualification, as yet but, if I am asked, I would definitely recommend the course. It is a great segway to anyone thinking of getting involved in digital risk and/or cybersecurity, especially if you are a concerned business owner or an IT team looking to expanding their wealth of knowledge and skillset.
What have you been able to put into practice in your job as a result of what you have learnt?
I have been able to advise, recommend and provide examples/analogies that are relevant to the industry. I can articulate and talk passionately with regards to the importance of effective digital risk governance, processes, procedures and training. All public/private organisation will always have an element of risk dependant on the organisations risk appetite.
Firstly, I would advise that you find out as much information as you can, so that you can decide if this is really something that you want to become involved in.
Speak with as many peers and potential employers as you can so that they see how passionate you are. Ask for tips and if they would be willing to share their experience of how they became involved. Add it to your personal development plan.
Look for professionals on LinkedIn and follow cybersecurity organizations. Attend cyber security/digital risk conferences or job conventions. There are also plenty of open source work and community projects looking for support which is a great way to gain some experience and network.