Outsourcing Governance Manager

Kshema General Insurance LimitedJamnagar, IN

13 hours ago

Job description

Manager – Outsourcing Governance

Location : Hyderabad | Function : Risk Management | Reports to : Head–ERM / ORM

Key Responsibilities

1. Framework & Policy

§ Maintain and periodically update the Board-approved Outsourcing Policy and SOPs; embed materiality criteria, risk taxonomy, and approvals matrix.

§ Support in executing the Outsourcing Committee cadence (agenda, packs, minutes, actions) and ensure annual policy review and Board presentation.

2. Planning & Materiality Assessment : Classify activities (core / prohibited vs. permitted support services) and determine materiality thresholds, document rationale.

3. Due Diligence & On-boarding : Lead risk-based due diligence on service providers (financial, legal, reputational, operational, info-sec, privacy, BCP / DR, HR / background checks) and ensure conflict-of-interest checks and arm’s-length pricing for related parties.

4. Contracts & Controls : Standardize MSA templates with Legal : ensuring risk mitigation measures along with mandatory clauses for audit / inspection rights (insurer & IRDAI), confidentiality, data protection, sub-contracting controls, performance-based SLAs, exit / transition, and incident reporting timelines.

5. Performance Monitoring : Ensure vendor SLAs are being monitored quarterly; and functions are addressing the service lapses, complaints, security incidents, and regulatory breaches pertains to Outsourcing.

6. Risk, Resilience & Security

Coordinate TPRM assessments with InfoSec / IT Risk (VAPT / ISMS controls), BCP / DR testing, cyber incident handling, and data-transfer controls (incl. cross-border).
Ensuring the TPRM Risk automation covers the through due diligence, adherence and governance

7. Regulatory Reporting & Record keeping

Prepare returns / annexures (e.g., annual outsourcing return with top vendors & payouts) and maintain records for the prescribed retention period.

Keep an Outsourcing Register (inventory of all arrangements, classifications, contract dates, locations, data flows, sub-processors).

8. Change Management

Govern scope changes, new technologies (AI / automation), and sub-contracting; re-perform risk assessments on significant changes and ensuring transitions / exit management to avoid service disruption.

Train 1st-line owners (business / operations / CRESA) on what can / cannot be outsourced, materiality triggers, and when to involve Compliance / Risk / Legal / InfoSec.

Requirements

Candidate Profile

Education : Graduate in Business / Finance / Engineering; preferred certifications : ISO 27001.

Experience : 3–5 years overall, with 2+ years in outsourcing governance / TPRM / vendor risk within Insurance / BFSI; familiarity with IRDAI norms mandatory.

Skills : Deep grasp of IRDAI outsourcing rules (prohibited / core functions, materiality, related-party controls, reporting / records), risk-based due diligence, SLA design, and contract clause negotiation (audit rights, confidentiality, exit / DR).

Benefits

1. Regulations require insurers to maintain documented governance, monitoring, audit rights, and risk controls over outsourced activities.

2. Outsourcing is a highly critical area during the regulatory inspections and IRDAI have taken many actions in this context of insurers due to lapses observed.

3. Complexity & Volume of vendors, we have multiple third parties across IT, claims processing, data services, BPM, field operations, and more.

4. Monitoring SLAs, audits, incident management, sub-contracting, and transitions is complex for a decentralized approach.

5. Risk Mitigation & Loss Prevention Gaps in vendor oversight expose us to operational, reputational, and cyber risk.

6. Governance & Audit Readiness External auditors and the internal audit team often flag outsourcing as a control risk.

Create a job alert for this search

Manager • Jamnagar, IN