Governance Risk and Compliance Lead
NHS Business Services Authority
This job is now closed
Job summary
Governance, Risk and Compliance is a new function within the Digital, Data and Technology (DDaT) Governance team. You will report to the Governance, Risk and Compliance Principal and will be responsible for contributing to, implementing, and monitoring adherence to the governance strategy, and for developing and maturing the Governance, Risk and Compliance function within DDaT.
You will be a senior member of the DDaT Governance team, working collaboratively across all Heads of Service and Senior Managers to ensure the effective and efficient delivery of products and services which meet the needs of our users/suppliers aligned with internal Governance, Risk and Compliance frameworks.
This is an exciting opportunity to help shape and grow a new team with the important remit of delivering good governance across the DDaT directorate.
What do we offer?
- 27 days leave (increasing with length of service) plus 8 bank holidays
- Flexible working (we are happy to discuss options such as compressed hours)
- Flexi time
- Hybrid working model
- Career development
- Active wellbeing and inclusion networks
- Excellent pension
- NHS Car lease scheme
- Access to a wide range of benefits and high street discounts!
Main duties of the job
The role of Governance, Risk and Compliance Lead is varied, and you'll work with DDaT Governance colleagues and a cross-section of people and teams across DDaT and the wider NHSBSA.
You will have a strong understanding of how DDaT Governance contributes, aligns to, and supports the NHSBSA Organisational Governance, with clear understanding and alignment to the NHSBSA Strategy.
About us
At the NHS Business Services Authority (NHSBSA) we deliver a range of essential national services to NHS organisations and contractors, patients and the public.
You may already be using some of our services. Do you have a prescription pre-payment certificate? Perhaps you found this vacancy through NHS Jobs? We're behind these, and much more.
Being one of the UK's Best Big Companies to work for, our values are to be Collaborative, Adventurous, Reliable and Energetic. We CARE about what we do and support each other in achieving our objectives.
Our people are the heart of our organisation. We strive to ensure they feel trusted, valued and empowered. We're passionate about nurturing and developing people. When you join us, we want you to grow, and we offer many opportunities for you to do that.
We welcome applications from people of all backgrounds. With wellbeing and inclusion central to our ethos, our BAME, Disability and Neurodiversity, LGBTQ+, Armed Forces and Women's networks help our colleagues to be their authentic selves at work.
At the NHSBSA we value and respect the diversity of our colleagues and are committed to being a flexible employer. We are proud to offer flexible working opportunities. Whether you're interested in hybrid working, working from home, flexible hours or job sharing, apply today and we can discuss available options with you at the interview stage.
We are the NHS delivering for the NHS.
Date posted
28 November 2023
Pay scheme
Agenda for change
Band
Band 8b
Salary
£58,972 to £68,525 a year
Contract
Permanent
Working pattern
Full-time, Flexible working
Reference number
914-BSA4315
Job locations
Stella House
Goldcrest Way, Newburn Riverside
Newcastle Upon Tyne
NE15 8NY
Job description
Job responsibilities
In this role, you are accountable for:
- Managing, leading, and coaching teams within the Governance, Risk and Reporting function.
- Leading and coaching colleagues within the Governance, Risk and Compliance function, as well as across the wider DDaT directorate where needed.
- The timely production of key reports for DDaT boards, using existing data and information standards, tools, and approaches to co-ordinate key performance indicators (KPIs), balanced business scorecard information, financial information, and re-charges, as well as identifying potential opportunities to optimise resources across all DDaT services and projects.
- Using existing data and information standards, tools, and approaches, and making key decisions for the team.
- Staying abreast of new and innovative approaches through horizon scanning, so that the organisation remains aware of new developments, risks, or issues.
- Through an approach of continual improvement, identifying, evaluating, and implementing new and innovative ways of working to achieve the right outcomes for the organisation.
- As a recognised expert and advocate for IT Governance, Agile and Lean development as well as other disciplines, continuously reflecting and challenging the team to deliver high quality outputs, reports, and information, whilst contributing to the increasing maturity of the organisation's and Directorate's capability in IT Governance.
- Owning risk reporting for DDaT and working to the organisation's risk frameworks and appetite, to manage and report on risk effectively across the Directorate, including risk identification, assessment, response, mitigation control monitoring, and reporting on the outcomes.
- Advising the Governance, Risk and Compliance Principal, the Head of Governance, the CDDTO as well as other Heads of Service, and Senior Managers on a range of topics including NHSX spend controls, service assessments, major risks, especially relating to Service and Organisation debt, providing practical recommendations to ensure risks are appropriately managed, reduced, mitigated, and eradicated.
- Drawing on a strong background in working with financial information, developing and reporting on spend forecasting and cloud charging elements (eg FinOps), and designing and implementing a combined view of cost to serve, recharge, and resource allocation, to create frameworks that give a Directorate-wide view of real-time cost insights, identify and drive cost optimisation opportunities, and link services to business value.
- Working collaboratively across the whole DDaT function both within the NHSBSA and forming networks across other government bodies and being an effective member of these networks.
- Developing and illustrating strong knowledge of the wider digital economy and advances in technology, to become an active member in the Governance community across government bodies.
- Demonstrating excellent collaborative skills, you will be responsible for developing strong relationships within the other DDaT roles, job families and professions to help shape the success of the organisation.
- Horizon scanning and understanding key trends such as FinOps, DevOps, and resource and capability frameworks, including experience with financial management of resources.
- Leading and participating in commercial activities to ensure the procurement of the right products and services, ensuring that the benefits of implementing these products are realised and adequately reported on, so that the organisation can confirm the business needs are met.
- Leading, managing, and reporting on the progress of activities pertaining to internal and external audits, to ensure that the organisation remains compliant and meets the relevant standards for reporting on both tangible and intangible assets and any incremental continuous improvements, and that any work in progress is reflected within the relevant product roadmaps and within the financial structures and systems.
- Managing budgets and costs associated with the team, assessing, and anticipating where skills needs may change and evolve. This will include being accountable for the resource profile of the wider Governance teams, developing requirements for funding, managing any associated training, learning and development budgets, as well as inputting into business and financial planning for any additional requirements.
- Developing and implementing strategies and plans to support the removal or reduction of risk posed by legacy products and, by working with the relevant Heads of Service and Directors, developing adequate reporting on progress against those plans to key organisational boards such as the Audit and Risk Committee, providing up to date information to ensure legacy products are replaced, re-platformed, or re-developed in a timely manner, including retirement of obsolete or redundant products.
- Designing and implementing sustainable reporting models, identifying, and escalating the relevant risks associated with capacity and demand management.
- Coaching others and communicating highly complex concepts and information to others to help them understand and execute any actions.
- Horizon scanning and keeping abreast of industry best practice, new policies, and procedures.
- Working across Governance and Assurance, to develop and implement new policies, processes, and practices that may be required to support the function on behalf of the NHSBSA. This will include evaluating existing practices, identifying opportunities, and designing, developing, and implementing relevant changes that contribute to increased efficiencies.
- Acting as part of the escalation pathway to the Head of Governance for risks or issues, and prioritising work for self and others accordingly.
- Ensuring that the operational management of products is robust and work closely with leaders of operational delivery teams in DDaT, Service Management and Governance to communicate progress.
- Conducting and reporting on frequent reviews, anticipating and defending against problems in a timely manner, and taking ownership of resolving underlying problems, ensuring these are then accounted for, prioritised, and delivered within the relevant product roadmaps.
- Regularly dealing with highly complex, ambiguous, and sensitive information, synthesising this and communicating this effectively to Senior stakeholders, Heads of Service and Directors, to influence or negotiate outcomes.
- Representing the Governance, Risk and Compliance Principal, and Head of Governance at senior levels across the organisation and making decisions, providing visible leadership, and acting as a point of escalation, evaluating complex information, with the autonomy to take a risk-based approach to implementing positive action.
- Leading, and contributing at a senior level, and actively leading the professional community for Governance. Implementing new processes and approaches for the management of new and existing information sets. Coaching other members of the profession and designing and implementing new ways of working where needed. Demonstrating an awareness of what other sectors are doing, championing applicable change within this organisation.
- Implementing and shaping an environment that supports the ongoing maturing of Governance teams, and contributing to the direction and evaluation of which tools or methods to use within the function, in conjunction with the relevant professional leads and architecture.
Person Specification
Personal Qualities, Knowledge, and Skills
Essential
- A strong understanding of governance and risk management and mitigation frameworks.
- A strong background of working across both Agile and Waterfall environments, to co-create the conditions to succeed in the Governance function for self and others.
- Deriving insight from and making decisions based on a range of operational IT related information.
- Developing and applying models and principles to financial and transactional information to create robust and repeatable business and operational reporting, using technologies available and demonstrating value for money.
- A strong understanding and knowledge of the wider digital economy, advances in technology and the ability to interpret highly complex or ambiguous information, to develop and manage the overarching reporting of Organisational/Service and Technical debt.
- Identifying and solving problems, including the skill to deliver multiple pieces of work, with competing priorities.
- High levels of autonomy to work on own initiative, taking decisions and actions in line with the business aims of the organisation.
- Significant understanding of product lifecycle and management, user centred design principles and approaches, and agile development methods to ensure full understanding of information related to these disciplines.
- Ability to synthesise and translate complex information related to the holistic functions across the IT estate, including feeding into organisational reporting and governance to develop a suite of meaningful information outlets that can be utilised to create efficient working practices.
- Ability to translate vision into realistic and tangible goals.
- Ability to understand and identify benefits and monitor their realisation against business cases.
- Managing and/or reporting of projects and programmes of work.
Desirable
- Working to common COBIT and ITIL standards and developing processes to support and organise governance objectives and practices by IT domains and processes so they can be linked to business requirements.
- Knowledge of governance standards relating to digital delivery within the public health sector such as Government Service Standards, Technology code of practice, Portfolio Management, Prince2 and Agile delivery.
- Understanding of other IT Governance frameworks, FinOps principles and Performance and Risk Management frameworks.
- Delivery of incremental and iterative continuous improvement which extends the economic life of products and services, maximising efficiencies and return on investment, and the reporting of tangible and intangible assets.
Experience
Essential
- Demonstrable and extensive experience of working within governance models and frameworks within an IT organisation.
- Demonstrable and extensive experience of contributing and reporting on audit activities to assure compliance and developing actions and roadmaps in conjunction with relevant recommendations.
- Managing multiple priorities against regulatory requirements and reporting accurate and timely status of these.
- Identifying, reporting, and managing risks and any remediation plans within an IT Setting.
- Managing, monitoring, and reporting against a number of standards, providing key insights to senior management and leadership roles within the organisation.
- Managing people and working within multidisciplinary teams, agile delivery, to enable reporting and allocation of people and resources.
- Implementing strategies, leading, communicating, and setting vision related to IT Governance, Risk and Compliance demonstrating value by leveraging complex information to evaluate and determine outcomes.
- Working with internal and external audit, to ensure compliance and continuous improvement are attained.
- Capturing user needs and translating them into deliverables, defining the minimum viable product (MVP) and making decisions about priorities.
- Significant experience of managing budgets, identifying cost savings and pressures, and allocation of a range of IT resources and people effectively.
- Leading and managing staff with a range of skills and experience to deliver organisational goals and objectives.
- Developing and supporting people, process and systems as an IT professional.
- Identifying non-functional and financial requirements to ensure they are captured and implemented as part of a project.
- Developing capabilities within multi-disciplinary teams, matrix managed and at individual levels.
- Engaging and building relationships with a range of stakeholders to support delivery of business outcomes.
- Ongoing and continuous professional development.
- Delivering difficult messages in challenging circumstances and providing honest and constructive feedback to support the ongoing development of skills and talent.
- Project Management and Risk Management experience with application of relevant techniques such as Agile project delivery for digital projects in government.
- Business and financial planning, prioritisation of spending and other resources based on return on investment (ROI) and strategic intent.
- Working within constraints, and challenging constraints where needed to maintain compliance.
Desirable
- Understanding of managing operational processes, designing and running a product or service throughout its entire product lifecycle, and the associated IT resources and people needed to run it.
- Interpreting strategy and translating emerging trends and technologies which might impact or benefit the organisation.
- Analysing digital / web services and their consumption of resources in a fast-paced environment.
- Open source and cloud technologies and their sourcing.
Qualifications
Essential
- Degree calibre with relevant in-depth knowledge of the subject matter, OR relevant experience of the subject matter.
- Evidence of continuous professional development.
- Relevant foundation level qualification in an IT department framework (eg ITIL, COBIT, TOGAF).
Desirable
- Master's qualification in a relevant discipline, or equivalent experience.
- Enhanced level qualification in an IT department framework (eg ITIL, COBIT, TOGAF).
- Project Management qualifications such as Prince 2, OMO.
- Scrum/Agile Practitioner.
Certificate of Sponsorship
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
Additional information
Employer details
Employer name
NHS Business Services Authority
Address
Stella House
Goldcrest Way, Newburn Riverside
Newcastle Upon Tyne
NE15 8NY
Employer's website
https://www.nhsbsa.nhs.uk/what-we-do/work-us (Opens in a new tab)
Supporting documents
Privacy notice
NHS Business Services Authority's privacy notice (opens in a new tab)