Your new role
The Group Compliance and Audit Manager is responsible for supporting the business in complying with group policies, processes, and procedures (SOPs), and external requirements including GDPR, ISO standards and all other relevant regulations and legislation.
Key Responsibilities
Audit and business certifications
- Manage the Group's internal audit programme.
- Carry out internal audits in line with the Group's internal audit programme and ensure that findings add value to the business.
- Produce audit reports within agreed timescales that are factually accurate, and a true reflection of the processes audited.
- Ensure that audit findings are resolved by auditees within agreed timescales.
- Work with each site to manage and maintain the Group's Integrated Management System to ensure that it remains current, fit for purpose, efficient, effective and compliant with internal and external requirements.
- Maintain all controlled documents in the Integrated Management System.
- Manage and maintain compliance with ISO and other certifications including PCI DSS. Ensure that new sites achieve the required certifications and maintain compliance with these standards.
- Be the primary point of contact for all relevant certifying and assessment bodies.
- Oversee all external audits in the Group and provide support to all sites during the audit process.
- Ensure that there are GDPR-compliant policies, processes and procedures in place and that these are regularly reviewed, updated and communicated to all team members.
- Establish systems and processes to measure and monitor that appropriate and regular compliance training is taking place within agreed timescales.
- Investigate and manage any compliance incidents including personal data breaches through to resolution, and where applicable ensure that these are reported to the regulators within required timescales. Ensure that root causes of any risks or issues are identified and preventive actions are put in place and evaluated for effectiveness.
- Support the Group Compliance and Audit Director with maintaining the Group's risk and governance framework.
- Know and understand your defined role in the Business Continuity Plan.
- Support the Group Compliance and Audit Director with Crisis Management and Business Continuity incidents and associated procedures and activities.
- Comply with all company policies and all relevant data protection legislation to ensure that:
  - Our clients' and team members' sensitive and personal information is protected and processed in accordance with the law.
  - Our team members' and clients' rights under the legislation are protected and treated with the utmost respect and integrity.
Management information and reporting
- Develop and implement reporting tools to monitor, measure and analyse adherence to process, identify areas for improvement and support the resolution of identified issues or areas for concern.
- Report outcomes of audit and monitoring activities and any resulting risks and issues to senior management and other key stakeholders.
- Monitor, measure and analyse the performance of the IMS and report to senior management on its effectiveness and where improvements can be made.
- Produce accurate and timely reporting.
- Liaise closely with team members to ensure policies, procedures and standards are consistently articulated, implemented and embedded across the Group.
- Ensure health and safety, client satisfaction, information security, quality, environment, compliance, and team member performance are considered in all aspects of the quality management system and associated policies, processes and procedures, including SOPs.
- Meet and work collaboratively with stakeholders and colleagues in Performance and other support areas to ensure ways of working are fit for purpose and compliant with internal and external requirements.
- Challenge current ways of working, identify and/or design best practices that can be shared across the Group and support change.
- Promote a culture of continual improvement where ideas are shared and implemented where possible.