Banner Default Image

Information Governance Manager

Back to job search

Information Governance Manager

  • Location:


  • Sector:

    Knowledge & Information Management

  • Job ref:


  • Job type:


  • Salary:


  • Contact:

    Mark Leigh

  • Contact email:

  • Contact phone:


  • Posted:


  • Startdate:


Information Governance Manager


Part time 3 days a week



Sue Hill Recruitment are pleased to be working with a property company looking for a new key member for their evolving team, focused on information governance, including data protection, for the UK property business and group team activities.

The purpose of the role is implementing an up-to-date information governance framework, so that (1) information throughout its lifecycle, from creation to disposal or permanent preservation in the archives, is managed appropriately for business needs and records management, and as consistently as feasible across Grosvenor, and (2) the business has pragmatic approaches to data protection legislation compliance, including acting as designated “Privacy Officer”.

This is an excellent opportunity for an information governance specialist to work hand-in-hand with the business teams, in a culture of innovation, collaboration, high performance and growth mindset.While you will have autonomy, you will have the support of information governance colleagues in the other businesses, plus the Legal team. The work will be a mix of direct operating company activity in the UK property business, plus group level activities in the UK.Following changes in organisation, this reframed role is something that you can make your own.

Key Responsibilities

Information governance

 ·        Formulating, delivering and monitoring an up-to-date information governance framework.For our UK property operating business as the main area of activity, but also working with Grosvenor’s group level corporate services teams who support the broader Grosvenor-wide activities (finance, HR, technology, H&S, legal, company secretary, treasury etc).

·        Guiding information management system efficiencies for ongoing information access, document retention, long-term archives, confidentiality and data security.

·        Promoting awareness and use of records, information and archives to support business activities.

·        Working with archivists on longer term retention and records preservation, including digital preservation.

·        Supporting business-wide data quality improvement projects.

·        Maintaining visibility on information operational risk and its management/mitigation by the business, with insightful risk reporting for senior management/Board committees.

·        Being a key member of the Grosvenor-wide information governance community, championing collaboration, consistency, innovation and know-how sharing.

 Data protection & privacy

·        Creating a risk-proportionate and pragmatic data compliance approach for the relevant business teams, enhancing efficiency.Includes business-appropriate standards, policies and procedures, supported by impactful know-how and training.

·        Acting as “Privacy Officer”, being the primary contact for data protection internally for the business teams and externally for regulators, ICO registrations, DSARs, privacy notices etc.

·        Providing internal data protection support, covering embedding operationally efficient “privacy by design” via information risk assessments and mitigations (eg business process assessment, DPIAs, due diligence etc); data incident response; cyber risk/business continuity plan; data protection clauses for contracts (working with the Legal team); onboarding suppliers/risk assessments support; and Technology team security risk assessments.

·        Keeping up to date with relevant legislation, industry standards, code of practice, guidance etc.

 Person Specification

·        Degree qualification in an information management related discipline, with data protection qualifications (CIPP/E, CIPM).

·        5 years’ experience in operational and strategic records management (candidates with less experience will be considered, depending on other professional experiences).

·        Sound knowledge and experience of practical implications of information legislation and compliance requirements under the Data Protection Act and GDPR.Ability to anticipate and evaluate potential privacy and data protection compliance challenges (including organisational structures, business processes, etc).

·        Experience of devising and implementing policies and procedures in a business context, including project management.Able to translate legislation and specialist guidance into clear business-focused procedures, guidance and training.

·        Comfortable working with and understanding new business/operational technology for (1) information governance management, and (2) data protection.

·        Commercially minded and pragmatic.

·        Must thrive in a relationship-based environment, building internal networks and influencing outcomes.