Salary: £33,273 - £37,692, with potential for further progression to £42,439pa with our pay progression scheme.
Location: Hybrid
Contracted to our Wilmslow, London, Edinburgh, Cardiff or Belfast office; however, we offer flexible home and office-based working opportunities. There will be times when you will be expected to attend the office to collaborate with colleagues or travel due to business need.
Why work for the ICO?
* Hybrid and flexible working options.
* 25 days paid holiday per year, plus privilege and public holidays.
* Flexi leave (up to 26 additional days leave per year).
* Pension (employer contribution around 28.9%).
* Online discount scheme to save money at major supermarkets, retailers, gyms, restaurants, insurance providers and many more.
* Health Cash Plan.
* Fantastic development opportunities to learn and progress.
Job summary
As a Lead Auditor you will be the ‘face of the ICO’ and will be expected to be professional with all stakeholders and fully responsive to the key deliverables of the audit. Also, you will often be working collaboratively with other ICO departments to promote good practice. We are recruiting for four Lead Auditors.
The Information Commissioner’s Office (ICO) is the independent regulator of information rights. In a data-driven world, we provide advice, guidance, and support to organisations enabling compliance with their obligations, as well as protecting individuals and their personal data.
As an employer, we are passionate about making a positive difference to the lives and careers of our people, and we empower you to be curious, impactful, collaborative and respectful.
The Assurance team conduct audit assessments on a wide range of organisations to help them implement best practice in their information rights and data protection practices. Our approach uses powers of audit and assessment, both consensual and compulsory, to recommend appropriate and effective operational measures to promote model information rights practice. The team supports the strategic direction of the ICO and its corporate plans.
Engaging directly with external stakeholders and organisations, as a Lead Auditor you will be responsible for taking the lead role across a range of audit activities, building strong working relationships in order to effectively evaluate an organisation’s compliance. Specifically, you will review processes and policies, conduct interviews, identify information rights risks and then provide a quality audit report that makes prioritised operational recommendations in line with our documented audit processes and procedures. You will then have the opportunity to monitor and follow up on the actions and improvements made as a direct result of your work.
Key responsibilities:
* Undertake desk-based reviews of organisations’ policies, procedures, guidance and training material, and assess their effectiveness in enabling compliance with information rights legislation.
* Conduct interviews, facilitate discussion, provide advice, and conduct tests either remotely and/or, when circumstances permit, at organisations’ premises, including physical reviews of records and processing activities, to gather evidence to support compliance assessments.
* Operate at all levels within an organisation’s hierarchy, to establish whether working practices are in compliance with information rights obligations and recognised best practice.
* Document findings to produce a working summary of document reviews and interviews (working papers). Using the working papers, consolidate the evidence and produce risk-based reports, which provide recommendations on, and opinion of, the processes and procedures implemented to deliver compliance with information rights obligations. This includes the production of sector or theme-based outcomes reports.
* Liaise clearly and confidently with all internal and external stakeholders to plan, agree, schedule and deliver Assurance audits as directed by line managers, and act as a key point of contact for these activities and any associated reporting.
* Support the Team Manager (Assurance) both before engagements to build business intelligence / background information, and after, to disseminate results and outcomes.
* Under guidance from line managers, develop questionnaires and checklists to ensure that Assurance activity (interviews and testing) adequately covers the scope of any engagement.
* Lead and support streams of further Assurance activity, including bespoke risk reviews, investigations or project work that supports the wider department, strategic objectives of the ICO, or any changes to existing or new legislation. You will do this with guidance from line managers.
* Represent the ICO at relevant stakeholder events, including conferences and speaking engagements.
* With guidance from managers, conduct and lead audit follow-up activities.
* Proactively ensure you have up-to-date knowledge of legislation and develop areas of sectoral and technical expertise, ensuring that you can fully contribute to audits and all engagements benefit from the latest guidance and best practice.
* Support the ICO’s values, strategy and business plan, and the development of Assurance work and services, by undertaking and sharing relevant research and intelligence.
* Maintain corporate and departmental records management standards including the timely and accurate filing of documents and correspondence, as per our documented procedures. Ensure relevant logs and plans designed to monitor department activities are completed in time and with care.
* Comply with the ICO’s information governance policies and procedures and in particular those relating to information security.
Person specification
Essential criteria assessed at application stage:
* Experience relevant to the role requirements, as described in the role responsibilities and person specification, and accumulated through any combination of academic or vocational qualifications or experience.
* Experience in a role where monitoring or knowledge of adherence to compliance standards is a requirement (industry or legislation). Some experience or understanding of relevant methods that test or measure compliance.
* A knowledge of general business processes with specific reference to the management and handling of personal data.
Essential criteria assessed during interview:
* Intellectual and analytical ability in order to be able to apply complex legislation to a variety of practical circumstances and differentiate between good and bad practice.
* Good written communication skills, in particular report writing.
* Ability to multi-task, deal with a demanding workload and work to tight deadlines.
* Good verbal communication skills, including the ability to liaise effectively at all levels with our internal and external stakeholders.
* Strong team player and ability to work on own initiative.
* Knowledge of IT and its use in the management and security of personal data.
* Ability to undertake national travel and regular overnight stays.
Equality, diversity, and inclusion
The ICO is committed to promoting and enhancing equality, diversity, and inclusion. We are focused on developing a workforce that is representative of the communities we serve and together we are building an inclusive workplace where all of our colleagues have the opportunity to make a real difference. We are championing this through our Equality Diversity and Inclusion Board together with a number of staff networks. Read more about our commitment on our website.
Candidates with a disability who meet the minimum criteria for this vacancy will be invited to interview as part of the ICO’s commitment to the Disability Confident Scheme.
If you are disabled or have an impairment and require an alternative application method, please email the HR team at recruitment@ico.org.uk.
Closing Date
Please submit your CV by 23:59, 2 March 2025.
We reserve the right to close this vacancy before this date should we receive sufficient applications. Please apply as soon as possible to ensure your application is considered.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Accounting/Auditing and Finance
Industries
Law Enforcement