Risk and Control (Date Protection)

North East or Edinburgh
Circa £500 per day
16 Jun 2017
16 Jul 2017
Experience Level
Executive, Management, Officer
Contract Type
Contract, Full time

Our client is a well-regarded brand and innovative financial services business who are currently recruiting for a Risk and Control GDPR. The main purpose of the role is to undertake the analysis, design, build and implementation of a data protection and privacy risk and control framework.

The role:

  • Create a detailed PR and CF document that sets out all the sub-components necessary for managing privacy risk including risk identification and assessment
  • Evidence policy coverage, map policy to GDPR and PECR and once agreed map policy to RPEC
  • Update data protection and privacy policy including the approach to privacy risk, definition of privacy risk, risk appetite statement, roles and responsibilities and the governance model
  • Identify and support the creation of new standards required to support Data Protection and Privacy Policy
  • Identify and support updates to existing IS and IM standards
  • Develop DP Assurance Oversight Framework
  • Create GDPR risk and control library and map to Policy
  • Develop KRI reporting
  • Carry out risk based review with RCSA owners (ensure they have identified their risks and have appropriate controls)

Key Requirements-        

  • Industry recognized data protection qualification
  • Experience of data protection and privacy risk management within a large, complex financial services organisation
  • In-depth knowledge and expertise of national and European data protection laws and practices, including (but not limited to) the Data Protection Act 1998, Privacy and Electronic Communications Regulation 2003 and the General Data Protection regulation and related guidance
  • Experience of designing and implementing a data protection and privacy risk and control framework.

To discuss the role in greater detail please contact Paul Sherlock on 0161-883-2746 or send through your CV to psherlock@merje.com