Risk and Control (Date Protection)
Our client is a well-regarded brand and innovative financial services business who are currently recruiting for a Risk and Control GDPR. The main purpose of the role is to undertake the analysis, design, build and implementation of a data protection and privacy risk and control framework.
- Create a detailed PR and CF document that sets out all the sub-components necessary for managing privacy risk including risk identification and assessment
- Evidence policy coverage, map policy to GDPR and PECR and once agreed map policy to RPEC
- Identify and support updates to existing IS and IM standards
- Develop DP Assurance Oversight Framework
- Create GDPR risk and control library and map to Policy
- Develop KRI reporting
- Carry out risk based review with RCSA owners (ensure they have identified their risks and have appropriate controls)
- Industry recognized data protection qualification
- Experience of data protection and privacy risk management within a large, complex financial services organisation
- In-depth knowledge and expertise of national and European data protection laws and practices, including (but not limited to) the Data Protection Act 1998, Privacy and Electronic Communications Regulation 2003 and the General Data Protection regulation and related guidance
- Experience of designing and implementing a data protection and privacy risk and control framework.
To discuss the role in greater detail please contact Paul Sherlock on 0161-883-2746 or send through your CV to firstname.lastname@example.org