Governance & Compliance Partner

PLEASE NOTE THAT THIS IS A 24 MONTH FIXED TERM CONTRACT

The Governance & Compliance Partner will have significant relevant knowledge, skills, and experience and will be responsible for information governance and assurance internally and externally, supporting our data protection compliance, records management, wider information governance and ensuring we meet associated Non-Departmental Public Body legislative and statutory duty requirements.

We anticipate that interviews will take place in early October 2024

We want you if you have the following; 

• Recognised qualifications and extensive knowledge, skills, and experience of information and records management and governance and compliance.
• Experience and understanding of GDPR, PRSA, FOI, EIR and INSPIRE regulations and their application to non-departmental public bodies.
• Strong experience and adeptness in stakeholder management with excellent interpersonal and communication skills.
• Excellent interpersonal and written communication and presentation skills across organisational and professional boundaries.
• Experienced in specifying requirements for technological and cultural solutions related to managing processes and systems.
• Experience drafting official organisational documents, policies and procedures.
• Ability to positively promote compliance and be a compliance and information champion.
• Excellent understanding of information & knowledge resources, databases and associated technology.
• Excellent attention to detail.
• Project management and process mapping skills.
• Ability to organise and prioritise own workload, to work under pressure and meet deadlines across a wide range of work from different areas of the organisation.
• The ability to maintain exemplary levels of confidentiality and discretion in the handling of sensitive data and information.
• Ability to build positive working relationships with internal and external customers.
• Understanding of legal requirements relating to data and information for similar organisations.
• Degree, significant experience or professional qualification in relevant discipline.
• Track record of demonstrable and embedded continuous improvement.

What you'll be doing;

• Apply your substantial information and records management knowledge, skills, and experience across the organisation to lead and ensure proactive management of, and compliance with, NDPB legislative requirements which includes as a minimum: Public Records Scotland Act (PRSA), Reuse of Public Sector Information Regulations, Freedom of Information Scotland Act (FOISA), General Data Protection Regulation, Data Protection Act
• Direct the proportionate, lawful and secure use and sharing of personal data, implementing, monitoring, auditing, and reviewing the Data Processing Contracts, Information Sharing Protocols, Privacy notices, Data Protection Impact Assessments and Compliance Checks.
• Manage the identification, assessment, reporting and management of risk in relation to all aspects of information governance within Zero Waste Scotland, including contributions to the information risk register and reporting to senior and executive leaders.
• Develop and maintain corporate information governance tools and standards, including business and security classifications, metadata schemes, lifecycle retention schedules and information asset registers and ensure local implementation and compliance. Deliver and embed records management standards and best practice appropriately and effectively for the organisation.
• Own the improvement of current record creation and record keeping standards to ensure that Zero Waste Scotland is holding adequate records of organisation activity and decision making to meet statutory and legal requirements and as evidence of its accountability and transparency. Critically assess current procedures and design and implement workable data and information governance solutions for continual improvement as well as performance measurement and compliance framework.
• Ensure that GDPR is embedded in the organisation by working with Data Champions and colleagues, appropriate controls are in place, and all requirements are met to support the Data Protection Officer.
• Lead on complex FOI, EIR and INSPIRE requests that are received by Zero Waste Scotland to meet internal, external and legislative requirements within required timescales
• Lead the development and implementation of a cross-organisational compliance framework, including building a quality assurance system, and contribute to improvements where required. 
• Act as key point of contact for organisation’s response to information security vulnerabilities and incidents.
• Proactively collaborate with stakeholders, including colleagues and Directorates as required, to manage the development, adoption, review and amendment of appropriate systems, frameworks, policies, procedures and standards that will support improvements in information management, partner relationships, regulatory requirements and continuous improvement across the organisation.
• Develop, deliver, support, and monitor information governance and governance and compliance training for colleagues, implement clear and robust information and data handling standards and procedures, raise awareness of information governance responsibilities, and promote awareness and best practice.
• Ensure that information governance requirements are integrated into organisation processes, standard operating procedures, and organisational change.
• Advance digital capacity and exploit opportunities to automate information governance through technology solutions and tools.
• Prepare and deliver briefings, reports, presentations on information governance, compliance, and performance to colleagues in a manner that is informative, contextual, and easily understood.
• Provide advice and guidance to staff on information governance issues, including statutory and regulatory governance.
• Review and recommend any required updates, amendments, or changes to relevant policies, procedures and associated guidance.
• Liaise with and build professional working relationships with stakeholders and partner organisations on information governance matters and maintain relationships with external GDPR experts.
• Provide support to the Head of Operations, Governance & Compliance and the wider Governance and Compliance team to facilitate opportunities for continuous improvement and evolution of the information and governance and compliance function as required.
• Any other reasonable duties, as required

About Zero Waste Scotland

Zero Waste Scotland is Scotland’s circular economy expert. We are an Executive NDPB funded by the Scottish Government. We exist to lead Scotland to use products and resources more responsibly, focusing on where we can have the greatest effect on reducing climate change together through responsible consumption, responsible production and maximising value through waste. Using evidence and insight, our goal is to inform policy and motivate individuals and businesses to embrace the environmental, economic, and social benefits of a circular economy.