Information Governance Manager
An exciting opportunity has arisen for a Permanent, Full Time Information Governance Manager to join my client in Cheltenham.
The Information Governance Manager leads the Information Governance Team to ensure compliance with data protection and associated privacy legislation, most notably the General Data Protection Regulation (GDPR) and Data Protection Bill.
The role holder is responsible for the information security management system, maintaining the ISO 27001:2013 accreditation, and offering clear and pragmatic advice on information security and governance risk.
Key duties and responsibilities:
Strategy and policy development
• Develop and manage the data protection strategy, including, but not limited to, GDPR.
• Create and communicate new policies and procedures relating to data protection and information security.
• Ensure the organisation has an up-to-date and fully implemented data policy that is used to govern the way in which data and information is collected, used, and stored, in line with current legislation and standards.
Legal and regulatory compliance
• Ensure the organisation is compliant with its legal and regulatory obligations, with regard to its data and information, as outlined in the data policy.
• Support the organisation’s Senior Information Risk Owner (SIRO), and interface with the Information Commission Officer.
• Oversee and coordinate information security efforts across the organisation, on behalf of the SIRO, to identify appropriate security initiatives and standards, ensure adequate protection, and manage risk through the delivery of an ISO 27001-compliant information security management system (ISMS).
Assurance, auditing, and monitoring
• Enhance, maintain, and communicate comprehensive company-wide data governance plans, policy, guidelines, and procedures.
• Develop and maintain mechanisms to manage, track, and report compliance against a set of agreed KPIs.
• Review and provide feedback on third party contracts, data licences, and other sharing agreements, to ensure their compliance with all data governance policies, and reduce risk of exposure.
• Assist with, or participate in, projects and programmes by providing an expert opinion on data governance, and providing authorisation at key stages in the development lifecycle.
Organisation development, training, and management
• Recruit, develop, support, and coach the team, instilling an appropriate balance of risk and commercial attitude.
• Work effectively as part of the Finance and Corporate Services (FCS) department and wider business.
• Proven experience of information governance, with a clear view on how to present information and make recommendations.
• Track record of successfully developing and implementing information security and risk governance plans.
• Excellent legislative, policy, and practical information governance knowledge, and familiarity with all aspects of relevant data protection law and policy/guidance.
• Degree or equivalent level qualification.
• Superior influencing and communication skills.
• Ability to work with and influence a broad range of stakeholders, at all levels.
• Experience of engaging and educating different functional areas on information security compliance requirements.
• Experience of managing a team.
If this is the role for you, please apply now.