The Information Governance Officer (IGO) position resides in the Governance and Assurance team, as part of the Information Governance and Security (IGS) department in Group Information Services (GIS). The function of the IGO is to support the Group Chief Information Security Officer (CISO), through the Head of Governance and Assurance, with all governance and control related functions. The IGO is responsible for ensuring that the appropriate policies, procedures, standards, RACI charts and practices for conformance with the respective governance frameworks and mandatory legislation and regulations, are in place as defined. Accurate, complete and relevant reporting is a key function of this role.
Areas of responsibility may include but not limited to
- Establish and assist in the development of appropriate policies, procedures and practices in relation to IT, Privacy and Security governance and planning functions;
- Ensure and monitor the effective implementation of and drive awareness for policies, procedures and standards;
- Manage day-to-day activities – maintaining policies, standards, procedures, training and communication regarding Information Governance;
- In conjunction with Group Legal and Group Compliance, assist in the identification of applicable laws and regulations and assist with the implementation of actions to ensure compliance;
- Exhibit knowledge of governance, legal, compliance and auditing frameworks and apply that in reviewing the quality of existing and new documentation;
- Recognise and identify potential areas where existing policies, standards and procedures require change;
- Support additional internal and external compliance activities as part of the IGS department;
- Support key stakeholders and management with governance planning, reporting, advice and training.
Technical skills or knowledge
- Strong negotiation skills
- Excellent knowledge of Risk, Legal and technology environments
- The ability to articulate security in non-technical business impact terms
- Excellent written and oral presentation skills, ability to lead discussions
- Business Writing Skills, Presentation and Facilitation Skills
- Customer Service Orientation, Result Orientation, Negotiation skills
- Personal organisation and time management skills
- Professional Communication (written, verbal/presenting and listening)
- Interpersonal skills – Ability to build relationships with people from all different backgrounds and at different job levels
Education and Experience
- 5+ years of experience in Information Technology.
- Bcom Informatics/BSc in Information Systems or Computer Science or related degree (advantageous).
- Working knowledge of and/or experience with Risk and Compliance.
- Working knowledge of applicable industry standards, legislations, etc.
- Experience in compliance frameworks for Information Security, Compliance and IT Governance Standards: ISO27001, PCI-DSS, COBIT, King III/IV, NIST and ITIL.
- Strong risk assessment/audit capabilities with hands on experience in many technologies and platforms across a broad range of industries.
- Risk-related industry-standard qualifications such as CISA, CISM, CRISC or CGEIT .
- Objective documentation, reporting and attention to business report writing.
The Company’s approved Employment Equity Plan and Targets will be considered as part of the recruitment process. As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply.