PAMB | Assistant Manager, Information, Technology and Privacy Risk

at  Prudential Plc

Prudential’s purpose is to be partners for every life and protectors for every future. Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion assured, for our people, customers, and partners. We provide a platform for our people to do their best work and make an impact to the business, and we support our people’s career ambitions. We pledge to make Prudential a place where you can Connect, Grow, and Succeed.
To act as “second line of defence” to provide assurance and oversight on information and privacy risks that might pose a threat to the business. Provide expert advice and coach relevant parties from business to ensure the relevant policies/guidelines and regulatory are being adhered to.
Principal Duties & Responsibilities:

Advisory

• Assist to provide oversight and assurance within the business that processes, tools and technologies are operating effectively to mitigate risks to information.
• Assist to provide oversight and assurance that local regulatory and legal requirements that affect our information are being effectively met.
• Establish appropriate local guidelines and procedures and ensure local policies are in place so that all local regulatory requirements relating to information security and data privacy are met.
• Coordinate and support the implementation of PCA Information Risk and Privacy policies and guidance
• Assist to ensure that the data protection aspects are properly covered in the governance documents of all systems processing personal data.
• Monitor the implementation of information security and data protection standards, policies and procedures within the organization.
• Support operational functions as required to manage risks to information appropriately by providing advice and guidance on information risk issues to all PAMB major projects and initiatives.

Awareness and Culture

• Coordinate completion of training and awareness.
• Initiates, facilitates and promotes activities to foster information risk and privacy awareness within the organization.
• Provide advice, guidance and regular training for staffs on local policies, standards, processes, procedures and issues relating to the information risk and data privacy.

Monitoring and Reporting

• Coordinate and submit regular reporting requirements to PCA Information Risk and Privacy.
• Coordinate and report (through normal Local Unit reporting framework) half year Turnbull and end year Governance exemptions related to information risk.
• Coordinate and support completion of PCA led Functional and Risk reviews and on site visit program as set out in the annual timetable.
• Provide regular reporting on the status of information and data privacy risk to the appropriate PAMB senior management forums.
• Conduct regular review, timely reporting and escalation of information risk activities to PCA Information Risk and Privacy.
• Implement compliance assessment program to ensure compliance with regulatory requirements and best practices related to information systems security and data privacy.
• Participates in the development, implementation, and ongoing compliance monitoring of all business associate agreements to ensure that all privacy concerns, requirements and responsibilities are addressed.

Collaboration with other stakeholders

• Work closely with IT, IT Security, Internal Audit, Compliance, Legal and other stakeholders on information security and data privacy related matters.
• Providing security authorization for requests from functions for exemptions to standard access and use of tools and technologies.

Data Privacy

• Keeping up to date the Privacy policies and procedures including the breach management policy and to disseminate new rules/regulations on privacy to staff.
• Analyse the types of breaches of Privacy law or regulation within the organisation.
• Provide advice on issues relating to Privacy law and relevant legislation, e.g. for projects, programmes and data sharing.
• Assist to ensure that Privacy aspects are properly covered in the governance documents of all systems processing personal data.
• Monitor the implementation of Privacy standards, policies and procedures within the organisation.
• Provide Privacy advice, support and regular training for staff.
• Keeping up to date with relevant developments, identifying significant trends.
• Initiates, facilitates and promotes activities to foster information privacy awareness within the organization and related entities.
• Maintains current knowledge of applicable privacy laws, regulations and accreditation standards, and monitors advancements in information privacy technologies to ensure organizational adaptation and compliance.

Prudential is an equal opportunity employer. We provide equality of opportunity of benefits for all who apply and who perform work for our organisation irrespective of sex, race, age, ethnic origin, educational, social and cultural background, marital status, pregnancy and maternity, religion or belief, disability or part-time / fixed-term work, or any other status protected by applicable law. We encourage the same standards from our recruitment and third-party suppliers taking into account the context of grade, job and location. We also allow for reasonable adjustments to support people with individual physical or mental health requirements.

Please refer the Job description for details