Work with the B2B Compliance Manager and NS&I GPS clients to align risk appetites in respect of matters pertaining to data protection compliance

Role Profile

Role Details

Role Title: GDPR Compliance Delivery Manager - GPS
Pay band:
Business unit: Compliance Advice & Delivery
Reporting to: Head of Compliance
Date produced or updated: March 2018

Purpose of Role

The role is an interim role, primarily to:

- Lead the work stream to manage and oversee delivery of data controller responsibilities under the General Data Protection Regulations for NS&I GPS accounts where NS&I is joint data controller.
- Contribute to the identification of NS&I GPS compliance risks (to the Client and NS&I Governance), ensuring that they are captured in the relevant risk registers for monitoring by the risk policy owners.
- Work closely with the NS&I B2B Compliance Manager to ensure that the GDPR compliance delivery work stream is aligned to Scheme rules and other relevant laws and guidelines.
- Work with the NS&I Commercial team to amend the relevant NS&I GPS Memoranda of Understanding to reflect NS&I's joint data controller responsibilities.
- Work with the B2B Compliance Manager and NS&I GPS clients to align risk appetites in respect of matters pertaining to data protection compliance.

Key responsibilities

- Ensure that Atos understand the implications of joint data controllership accounts and their associated responsibilities.
- Ensure Clients understand the implications and activities required in the undertaking of a joint data controllership and their associated accountabilities.

Bid management and client set up support

- Represent compliance as a Data Protection SME for all joint data controller bid positions.
- Contribute to Memorandum of Understanding (MoU) clauses for new accounts, reflecting agreed requirements throughout the bid process.

Data Protection

To establish the new data protection legal framework for NS&I GPS accounts where there has been a finding of joint data controller. Working with the DPO and the NS&I B2B Compliance Manager, contributing to a new data protection strategy for the B2B compliance offering under NS&I GPS and ensuring compliance for existing accounts. This will require in-depth work with the applicable Clients to establish alignments in risk, process and policy, where achievable, whilst ensuring delivery of outsourced provisions can meet agreed compliance standards.

Responsibilities will include:

- Be business manager for the implementation of joint data controller requirements under GDPR for NS&I GPS accounts.
- Work with the NS&I Compliance Manager (B2B) to formulate the B2B Data Protection and Records Management Policy suite and best practice documentation.
- Report directly to the DPO on a monthly basis at the Risk Management Committee (RMC), highlighting and escalating any issues or concerns relating to delivering GDPR compliance.
- Design and embed procedures within NS&I, delivery partner, third party contractors and supply chain to ensure compliance with data protection legislation.
- Advise the delivery project on complex issues of law in the context of obligations under GDPR.
- Amend relevant manuals and ensure information and training for staff is updated in line with the current data protection legislation.
- Delegated authority from the Head of Compliance/DPO to advise and make decisions on the projects to enable the resolution of complex operational challenges arising from a conflict between project requirements and/or operational processes and the DPA.
- Ensure data protection SOPs and process maps are updated to enable compliance with data protection legislation and any resultant amendments to the MOU requirements, ensuring adequate training for staff so matters are identified and dealt with compliantly.
- Drafting of the technical clauses required for the operation of the client service in respect of data protection, e.g. Data Sharing Agreements.

Reporting

- Provide periodic reports to the Executive Committee and the B2B Committee on the progress of the joint data controllership GDPR implementation project.
- Provide input to the monthly Data Protection risk reporting to NS&I Risk Management Committee.

Relationships

Please list the jobs and areas with which the post interacts. This should show internal and external relationships.

Internal

- Reports to the Head of Compliance Advice & Delivery
- NS&I Management Board (including non-executive Directors and HM Treasury representatives)
- NS&I Audit Committee
- Team members
- Members of Governance Committees and working groups
- Internal Auditors
- B2B Account Management
- NS&I Project Management Office
- NS&I Executive Committee
- NS&I Senior Management team

External

- Government Legal Department
- Ministry of Justice
- Atos
- HM Treasury
- Cabinet Office
- Office of Accountant General (OAG)
- HMRC
- Home Office

External outside Government

- Information Commissioner's Office
- External legal advisers
- Courts of law

Person specification

Essential qualifications, experience and technical knowledge

Essential qualification

- Qualified in Data Protection

Essential experience

Substantial experience which has included the following aspects:

- Reviewing and analysing legislation and translating it into policies and procedures
- Specifying requirements for projects in respect of compliance and regulatory matters
- Understanding privacy law, information rights (data protection legislation & FOI) and its implementation in a financial services business
- Understanding joint data controller duties under data protection legislation
- Gathering research from a wide range of areas and sources
- Writing and presenting management reports
- Good understanding of general law
- Experience of working with legal teams including giving instructions.

Essential technical knowledge and skills

- Extensive knowledge and practical application of data protection legislation
- Extensive knowledge of legal and regulatory matters
- Excellent communication (both written and verbal) skills.
- Ability to undertake detailed analysis of complex data, industry consultation papers and new and pending legislation.
- Ability to translate and summarise such documents
- Informing compliance policies and procedures.
- Managing and negotiating legal positioning with third parties, defining accountabilities and responsibilities.

Desirable qualifications, experience and technical knowledge and skills

- Extensive knowledge of the legislative environment within which government departments operate.
- Effective resource management skills and the ability to work well under pressure
- Quick thinker and fast learner.
- Good organisational skills.
- Financial services industry qualifications, ICA advanced certificate/diploma

Competencies and values

Please read in conjunction with the NS&I Behavioural Based Competency Framework and give examples relevant to the role.

Communication

- Communicating the impact of changes in the compliance landscape and explaining the risks and consequences to the business.
- Providing written and oral updates to the Head of Compliance Advice & Delivery and NS&I Governance Committees
- Escalating and communicating material issues of non-compliance.
- Maintain a strong working relationship with all Client, NS&I and Atos staff.

Customer Focus

- Provide an effective and timely service when dealing with customers, suppliers and stakeholders
- Maintain customer focus including adhering to TCF principles
- Help ensure that all guidance and support meets the business need and strategic direction of all key stakeholders/partners.

Achievement orientation

Plan and organise time and activities so as to:

- Lead on data protection projects as subject matter expert to specific (and tight) timetables, monitoring progress and taking corrective actions where necessary.
- Monitor own and team plans and performance against targets, milestones and deadlines.

Managing third party relationships

- Demonstrate understanding of, and work effectively in, the commercial and political environment in which NS&I operates, and consider the impact on NS&I GPS.
- Demonstrate empathy for the needs and interests of third parties to NS&I
- Manage working relationships with third parties assertively to achieve mutually satisfactory outcomes and commercial focus
- Demonstrate awareness of third party changing circumstances, needs and interests
- Create new solutions to meet opportunities, risks and challenges within the environment within which NS&I operates
- Develop external focus in others.

Improving business performance

- Anticipating and responding to changes in the regulatory or business practices within risk appetites.
- Take every opportunity to develop and nurture a compliance culture within the organisation
- Speak and act positively about change and innovation and encourage others to do the same
- Seek a balance in time versus quality to ensure that change is delivered with pace and confidence.

Leading others

- Use personal knowledge and skills to develop other members of the compliance team and the wider business.
- Champion issues and lead initiatives and work streams to ensure problem areas are overcome
- Head the Compliance B2B team

Making decisions

- Analyse processes and where necessary identify areas for improvement
- Ensure that all problems and issues are identified and managed in a timely and effective manner, seeking guidance and input from Head of Compliance Advice & Delivery or other appropriate person, where necessary
- Develop solutions to issues that are effective and meet the needs of the business
- Assess the impact of any new and forthcoming rules, regulations and guidance on the NS&I GPS offering; make recommendations for appropriate action.

Team working

- Achieve effective team working across the business through development of relationships with other business areas
- Proactively support other members of the compliance B2B team
- Develop effective team working culture within the compliance team to provide an effective and efficient service to the wider business