Our client based in Camberley is seeking an ISO/GDPR Audit and Compliance Associate.
Job Summary
The implementation and maintenance of the clients compliance and internal audit functions. This role will be accountable for ensuring adherence to internal processes, external standards, and applicable regulations (including ISO standards and data protection laws). The role is focused on operational execution and administrative tasks to ensure the client is compliant and can successfully carry out audit and compliance requirements.
Key responsibilities:
- Regulatory monitoring: Track changes in laws/regulations that impact the business (e.g., GDPR & ISO standards).
- Maintain the company's Quality Management System (QMS) to ensure compliance with ISO 9001 and ISO 27001 standards.
- Policy management: Help draft, update, and communicate internal compliance policies.
- Training & awareness: Conduct staff training on compliance topics (e.g., data protection, anti-bribery).
- Compliance checks: Monitor business processes to ensure alignment with internal and external standards.
- Reporting breaches: Escalate and document incidents of non-compliance.
- Liaison with regulators: Support responses to external audits, inspections, or regulatory queries.
- Maintain and update the Integrated Management System (IMS) Library, ensuring all documents (policies, procedures, forms, etc.) are current, accessible, and properly version controlled.
- Core outcome: Prevent regulatory breaches, fines, and reputational risks.
Internal audits: Customer, operational, and IT controls against policies and risk frameworks.
- Risk assessment: Identify control weaknesses and areas for improvement.
- Audit planning: Assist in scoping and scheduling internal audits.
- Evidence gathering: Review documents, interview staff, and analyse data to verify processes.
- Audit reports: Draft findings, highlight deficiencies, and recommend corrective actions.
- Follow-up audits: Track progress of remediation actions and ensure fixes are implemented. Accountable
- Administrative tasks related to compliance documentation, including filing, formatting and distribution updated documents.
- Keeping Risk register up to date
- Change management process.
Experience and Qualifications
- Quality management experience
- Knowledge of Information security and legislative requirements.
- ISO9001, ISO27001 implementation knowledge
- Experience in auditing ISO9001 and ISO27001 systems
- Excellent communication skills (Written & oral)
- Excellent stakeholder management skills