Senior Information Assurance and Risk Manager (Ref: 5098)

This position is based at MOJ Buchanan Wharf, G5 8AQ.

Job Summary

Please refer to the Job Description.

Job Description

The Criminal Injuries Compensation Authority (CICA) is an executive agency of the Ministry of Justice. We receive over 40,000 applications a year for compensation, from people who have lost loved ones or have been injured as a result of violent crime. We know financial compensation can never fully redress what they have suffered. Nevertheless, what we do is an important part of providing justice for victims and we take pride that the compensation we pay helps people move forward with their lives.

Some of the material you will access may include upsetting personal accounts of harm inflicted by others. This could include sexual assault and violence against children. We recognise the personal impact this may have and we provide resilience training, to promote wellbeing.

We employ around 300 people and are based in Glasgow city centre, with excellent transport links. We are a small, engaged, productive workforce with a real sense of corporate community. We want to keep improving our services and the way we work to best serve the public, meet new challenges, deliver value for money and ensure CICA is a great place to work.

This position is based at Buchanan Wharf, 10 Clyde Place, Glasgow, G5 8AQ. We currently operate a hybrid working business model, where a typical employee works 3 days a week in the Glasgow office and the remainder at home.

The Role

The Senior Information Assurance and Risk Manager plays a vital role within CICA, overseeing risk management, information assurance and fraud prevention activities within the organisation to ensure effective decision making and compliance with statutory requirements.

The post holder reports into the Director of Corporate Services and represents their area at the Executive Management Committee (EMC), the Audit and Risk Assurance Committee (ARAC) and the CICA Board. You will lead a small team of nine, with direct line management responsibility for four people, overseeing workstreams covering data protection, information asset management, Subject Access Requests (SARs) and Freedom of Information (FOI) requests. Additionally, you will also be responsible for ensuring that CICA continues to develop its risk management and counter fraud policies, co-ordinating the identification, assessment, management and monitoring of risk to embed a strong, proactive culture throughout the organisation.

As a member of the senior leadership team you will work collaboratively with different business functions across CICA, acting as a champion for best practice in information assurance and risk management.

Duties And Responsibilities

• Lead the organisation’s approach to risk, fraud prevention and information assurance, providing expert advice as appropriate.
• Oversight of managing SAR and Freedom of Information requests within statutory timeframes.
• Continuously improve CICA’s risk management framework, including maintaining the strategic risk register and presenting at appropriate Boards, ensuring alignment with wider MoJ risk management and Orange Book requirements.
• Maintain CICA policy and processes on data protection and counter fraud in line with best practice and legislative requirements, including robust processes for incident management.
• Engage with senior leaders across the organisation to ensure a high level of understanding of the importance of good information asset management and security, advising on information risk and taking action to increase awareness as appropriate.
• Work closely with MoJ Data Protection Officer and the CICA Senior Information Risk Owner to manage risk, providing performance and compliance data, and undertaking information audits where required to effectively manage data governance.
• Managing and providing leadership within your area, contributing towards meeting CICA business objectives and KPIs and delivery of actions within the Business Plan.
• Responsibility for building and maintaining effective relationships with external stakeholders such as Parliamentary and Health Service Ombudsman and Information Commissioner’s Office.

• Experience working in information assurance either in data protection, FOIs, SARs and/or related areas.
• Experience of defining Information Management policies and guidance.
• Good understanding of information legislation and regulation.
• Experience of utilising risk management frameworks and counter fraud protocols.
• Strong leadership/management skills developed through experience managing teams.
• Excellent organisational skills and ability to prioritise in order to deliver successful business outcomes.
• Excellent written and verbal communication skills with an ability to explain complex information in a clear and simple way to a variety of audiences including senior stakeholders.
• Strong interpersonal skills, with the ability to develop effective working relationships with a wide range of internal and external stakeholders, offering constructive challenge across all organisational levels.

• Demonstrable previous experience obtained within a similar role at a similar level.

• Leadership
• Managing a Quality Service
• Delivering at Pace
• Making Effective Decisions

• Job Contact : SSCL Recruitment Enquiries Team
• Email : moj-recruitment-vetting-enquiries@resourcing.soprasteria.co.uk
• Telephone : 0345 241 5359