IT RISK AND DATA PROTECTION MANAGER

Duties and Responsibilities

COMPETENCIES
Computer proficiency.
-Honest, reliable and good communication skills.

DUTIES AND RESPONSIBILITIES
Reporting to the Director, Risk and Loss Control, the incumbent will be responsible for:
-Develop and implement an IT monitoring framework consisting of policies, procedures, processes, guidance and metrics to ensure compliance with data protection law and regulation using a risk-based approach that aligns with relevant quality standards;
-Develop and implement data protection policies, procedures, and guidelines in alignment with the university’s overall IT risk management framework.
-Provide expert, accurate advice and guidance to senior management, staff, students, suppliers and other relevant stakeholders to ensure IT compliance with privacy regulations and build a reputation for sector-leading information management practice;
-Oversee the effective handling and processing of IT complaints, queries and information requests from Data Subjects;
-Carry out Privacy Impact Assessments where appropriate on IT systems processing personal data and ensure that all new IT systems implement privacy by design and default;
-Act as first point of contact for the assessment, resolution and reporting of any data breaches;
-Work with relevant Management and Information Governance Groups (or equivalent) and IT Services to ensure that data protection compliance is embedded into all new systems, policies and procedures;
-Maintain accurate, comprehensive and authoritative records of all data processing activities undertaken by, or on behalf of the university;