UKI Information Certification Senior Manager 1

at  EY

Reports to:
Information Lifecycle and Certification Lead
Job Title:
Information Assurance Manager
Direct Reports:
N/A
Location
London (including UK&I travel)

PROFESSIONAL MEMBERSHIP/QUALIFICATIONS

• Qualified Lead Auditor – QMS (ISO 9001) and EMS (ISO 14001) essential.
• Qualified Lead Implementer – ISO 27001 – desirable
• IOSH or Relevant qualification (NEBOSH) desirable.
• Associate or Member of Chartered Quality Institute desirable.
• Registered with International Registrar of Certificated Auditors (IRCA) for any or all: QMS, EMS, EnMS, ISMS desirable.

OVERVIEW OF ROLE:

Information Assurance and Business Technology is part of the Regional Operations Management team and acts as custodian for a number of key certifications among client and service teams that supports the UKI business.
The Information Assurance Manager is responsible for supporting the provision and effective management of all external certifications and third party scorecards as well as the operational and strategic delivery of the ISMS and IMS in UK&I. In addition, the role will provide support to critical Records and Information Management systems and processes.

OPERATIONAL RESPONSIBILITIES

• Manage and deliver all practices put in place to support the Integrated Management System (IMS) strategy to ensure continued ISO certifications for ISO 9001 (Quality) and ISO 14001 (Environmental) to the current scope.
• Support the operational delivery of the UKI Information Security Management System (ISMS) to ensure continued certification to ISO 27001 for all UK offices and coworking locations within scope.
• Work alongside the Information Certification Senior Manager to undertake planning, management and delivery of all UKI external certifcations and third party scorecards. This includes but not limited to Achilles, EcoVadis, Cyber Essentials, FSQS, Risk Ledger.
• Work with the Information Assurance Programme and Delivery Lead to maintain the Information Governance Framework and provide support during periods of absence with critical UKI Records Management systems such as the GRS and RE-REQ.
• Provide subject matter expertise to the team on technical and operational IMS and ISMS documentation.
• Undertake onsite and remote IMS internal audits in accordance with the IMS internal audit plan.
• Provide a monthly IMS dashboard reporting on internal, external and third party audits/inspections.
• Maintain the IMS systems including intranet pages, document and records registers, the online legislation register, the shared storage space on servers and the Continual Improvements Reports Database (CIRD).
• Ensure IMS and ISMS risks are identified and control measures are in place
• Responsible for identifying & delivering relevant IMS and ISMS training.
• Chair (or participate) in team and service partner meetings as appropriate.
• Chair IMS management meetings as appropriate.
• Ensure best practice and external knowledge is maintained and shared with key stakeholders. Apply best practice techniques as appropriate.
• Promote quality achievement, environmental management and health & safety compliance to CBS and AWS senior leadership.
• Support Workplace Services team in IMS related activities including, but not limited to; environmental monitoring, management of utilities, elimination/reduction/recycling initiatives and reporting.
• Ensure that processes needed for the IMS and ISMS are maintained in accordance with the requirements of EY, ISO standards and legal and other requirements.
• Report to CBS Senior Management on the performance of the IMS and any need for improvement.
• Ensure the promotion of awareness of customer requirements throughout EY.
• Support the Head of Workplace Operations in delivering their responsibilities where applicable
• Fully support the implementation and ongoing requirements of EY ISO standards. Ensure all areas are compliant with its policies and procedures, and where appropriate, actively contribute to continuous improvement programmes.
• Support the Information Certification Senior Manager in periods of absence and together ensure there is a coordinated strategy in relation to the audit schedule.
• Support the Information Lifecycle and Certfication Director in delivering their responsibilities where applicable.

MANAGEMENT REPRESENTATIVE RESPONSIBILITIES

• Ensuring that processes needed for the Integrated Management System and Information Security Management System are established, implemented and maintained in accordance with the requirements of EY, ISO standards and legal and other requirements.
• Reporting to senior management on the performance of the Integrated Management System and Information Security Management System and any need for improvement.
• Ensuring the promotion of awareness of customer requirements throughout EY.