DUTIES & RESPONSIBILITIES:

• Acts as internal change agent/consultant and HR partner of line management in implementing HR interventions in the areas of data, privacy, organization design and development, organizational performance enhancement, culture change management and service quality improvement.
• Ensures the conduct of Privacy Impact Assessments relative to activities, measures, projects, programs, or systems
• Acts as gatekeeper and consolidator of all employee data. Sanitizes & maintain a record of all data and presents the same thereof depending on the requirement.
• Ensures consistency in the implementation of HR Standards & Process and assist in the development or revisions of said M&P?s.
• Assists the auditor & HR team in obtaining an understanding of internal control or in performing tests of controls or substantive tests.
• Closely coordinates with the different HR Leads, he/she shall then conduct workshops and orientation programs to cascade important information such as Systems Training etc.
• Ascertain renewal of accreditations or certifications necessary to maintain the required standards in terms of organizational business as well as personal data processing.
• Handles special projects as required from time-to-time example Database transfer, Specialized Attrition reports, BCP, etc.
• Performs risk assessments on key business activities and using this information to guide what to cover in audits.
• Prepares reports to highlight issues and problems and distributing the reports to the relevant people;
• Able to establish, implement and continuously improve the quality information security policies assigned to him / her
• Able to establish structure and procedures to protect classified information.
• Able to report information security related incidents without any delay to the right authority.

Example: All information-related incidents, losses, weaknesses and software/hardware malfunctions, breaches of confidentiality, Missing 201 files etc.

• Travels to different sites to meet relevant staff and obtain documents and information and lead teams with full accountability.

• Researches and assess how well risk management processes are working and recording the results.

General Safety and Security

• Protects the organization?s assets by upholding the principles of the Quality Information Security Management System (QISMS).
• Ensures confidentiality, integrity, and availability of information critical to fulfilling the organization?s business functions.
• Reports Information Security related incidents without any delay to the right authority.  Example:  All information related incidents, losses, weaknesses and software/hardware malfunctions, breaches of confidentiality.
• Actively participates during training, orientation and awareness programs pertaining to QISMS & Data Privacy.