Risk and Compliance Manager
Who we are
Open Doors is a Christian charity that is looking to recruit active, practising Christians to help meet the growing needs of the persecuted church worldwide. Hostility, violence and abuse of Christians around the globe is on the increase. Open Doors works in over 60 countries to ensure that those facing such persecution are not forgotten, but can stand strong to serve their communities and give life.
Responsible for proactively supporting the delivery and development of risk management standards and strategy, and leading the organisation's GDPR compliance as the Data Protection Officer. This role also holds the legal oversight for (non-employment) contracts.
About the team
Reporting to the Chief Executive Officer, you will provide expert risk management to the whole organisation. You will work closely with the Director of People, Culture & Operations, the Operations manager, the project managers, the Head of the Digital Business Centre, and the health and safety, facilities and safeguarding teams.
37.5 hours per week. Usually worked between office opening hours of 8.30am to 6.00pm Monday to Friday.
Responsibilities and requirements
- Develop and champion the risk management framework and policy, and ensure that it is effectively implemented
- Manage the organisation's risk register, working collaboratively with colleagues to ensure regular reviews of the organisation's corporate risks, and monitoring the status of risk mitigation actions (providing escalations where needed)
- Provide insightful and impactful risk reporting to different audiences (to the Board for significant organisational risks, to Directors for risks specific to their areas, and to individuals to understand their own accountabilities)
- Take a proactive approach to managing risks through effective collaboration, learning and review with key stakeholders
- Provide an internal audit function as required or work with third parties to ensure compliance with the required standards
- Provide support, education, and training to staff to build risk awareness throughout the organisation
- Periodically review and improve the business continuity processes
- Review and advise on contracts with suppliers and contractors as required
As the Data Protection Officer
- ensure the organisation complies with data protection laws and good information practice
- develop, update and implement data protection policies and processes
- provide expert advice to the Leadership Team and other colleagues about GDPR and other data protection law obligations and compliance requirements
- monitor data protection compliance and manage all internal data protection activities, including: conducting and escalating data protection impact assessments, conducting legitimate interests reviews, raising awareness of data protection issues, training staff and conducting internal audits
- oversee document management (retention) schedules, process automation, and audit implementation
- act as the first point of contact for supervisory authorities and for individuals whose data is processed (such as staff and supporters)
The above job description is a guide to the work the job holder may be required to undertake but does not form part of the contract of employment and may change from time to time to reflect changing circumstances.
Applying your Christian faith to this role
Because of the essential Christian context in which the role will be performed, the role is subject to an occupational requirement under the Equality Act that the post-holder be a practising Christian. Each working day will involve collective prayer and worship, together with shared reflections on the work of Jesus Christ. All members of staff at Open Doors are expected to actively participate in this shared time and members of staff take it in turns to lead the act of collective worship.
There will be many ways you will be able to apply your Christian faith and the outworking of your faith to the context of Open Doors. The list below gives some of the expectations of this role but is not exhaustive or intended to limit you:
- Contributing to and leading daily devotions (this can be for the whole team or just smaller, departmental groups)
- Participating in retreats, days of prayer and fasting etc.
- Committing to private prayer for the work associated with this role, your direct reports and closest colleagues
- Working in such a way so as to reflect biblical principles of leadership and service
- Applying biblical principles of godly stewardship to operational responsibilities
- To be open and obedient to God’s voice and direction in relation to any strategic matter and to always seek His will above all else
Limits of Authority
To operate within the ethos and aims of Open Doors, adhering to budget parameters and the Open Doors’ confidentiality agreement.
Who you are
You will demonstrate the following essential criteria for this role:
- committed Christian who is completely in sympathy with the calling, mission and Core Values of Open Doors
- chemistry with Open Doors Staff
- relevant degree or equivalent qualification in risk management
- risk management experience, with knowledge of risk management frameworks, processes and methodologies
- able to use data to identify, monitor, report and understand risks to enhance organisational decision-making
- a sound understanding of Data Protection and Compliance legislation
- practical knowledge of information governance in the areas of data protection, record management, and information security
- experience creating data governance policies and processes and engagingly rolling these out across the organisation
- highly perceptive and methodical
- excellent communication, influencing and stakeholder management skills
- strong Microsoft Office skills
- outstanding attention to detail
- ability to think strategically
- able to work effectively under pressure
- responsible and mature outlook
- demonstrates a high level of commitment
- a positive and professional approach both internally and externally
- a self-starter, confident at taking initiative
In addition, it would be beneficial for you to demonstrate the following:
- Member of the Institute of Risk Management
- Experience of dealing with data breaches and incidents.
Enhanced disclosure information may be requested from the DBS in the event of a successful application.