This role will provide support in setting out approaches for good records management for Academics and Professional Services colleagues with improved processes and guidance materials as the School embarks on a transition implementing new systems during a period of growth with an acknowledgement of the need to ensure compliance with data protection legislation that includes GDPR. Your responsibilities will include: Monitoring the DP Inbox daily for breach reports, maintaining a log, and managing responses to data protection and freedom of information requests, including potential data breach investigations. Supporting the DPO with Records of Processing Activity (ROPA), managing the Information Asset Register, assisting with Data Protection Impact Assessments, and leading audits such as the ICO Accountability Tracker. Developing and implementing data protection and records management policies, including training, awareness, and a Security Classification Scheme, across LSTM. Managing the School's EDRMS (SharePoint) for efficient records management, including retention and disposal, ensuring compliance with data protection requirements. Managing and responding to FOI requests daily, maintaining an up-to-date FOI log, and ensuring responses meet the 20 working days KPI while maintaining requester anonymity. Supporting the coordination of LSTM's Publication Schemes and providing training to staff on the importance of FOI compliance. Serving as the "LSTM document controller" for managing institutional governance documents on SharePoint, leading the development and implementation of policy management processes and best practices across LSTM Group. Qualifications and skills required: Educated to degree level, hold an equivalent qualification, or evidence of relevant and significant experience in a similar role Professional qualification in a key information governance area (e.g. GDPR Practitioner, FOI Practitioner) is desirable. Support will be given to the successful candidate if not already achieved Membership of a relevant professional body (e.g. IRMS, ARA, CILIP) is desirable Understanding of current UK General Data Protection Regulations. Familiarity with information governance practice ideally within a HE or research data environment Experience creating and managing file plans, metadata, permissions, etc. within a structured EDRMS (preferably in SharePoint) Awareness and application of UK GDPR and the DPA2018 Experience of, promoting and implementing information and records management related guidance, policies and procedures, including developing and managing retention schedules and disposition of records Familiarity with Data Protection Impact Assessments, FOI requests Awareness of the Records of Processing Activity (ROPA) and Information Asset Management