Data Protection Officer-(Sp6)

Capricorn Group Limited - namibia

15 days ago

Data Protection Officer-(SP6)

Listing reference: capbg_000058

Listing status: Online

Apply by: 20 September 2024

Position summary

Introduction

Responsible for ensuring that the bank processes personal data in a lawful and correct manner, in accordance with provisions of the Data Protection Act and good practice.

Job description


  • Keep a record of all Bank Gaborone processing activities, which shall be immediately accessible to any person applying for access.
  • Ensure that the data controller (Bank Gaborone) processes personal data in a lawful and correct manner and in accordance with good practice, and where there are inadequacies , these are reported to the data controller.
  • Assists customers to ensure that their rights under the Act are protected.
  • Reviews the adequacy of the Binding Corporate Rules and shares the findings with the Legal office for remediation.
  • Provides timely notification to the Commissioner where there is contravention of rules applicable for processing personal data.
  • Continuous engagements with the Commissioner on implementing rules of processing personal data as per the Act.
  • Maintains an inventory and records for all data activities processing conducted by the Bank.
  • Assesses and monitors risks emanating from processing operations.
  • Works with Legal and Compliance team in the review of Data protection/ privacy processes and procedures for all third-party vendors including outsourced services.
  • Take a leading role in the vendor risk assessment to ensure all contracts and SLAs have the right Data Privacy clauses
  • Maintains customer request for information as per the Acts definition of data subject's rights.
  • Oversight of the bank's data protection strategy and implementation.
  • Provides training to staff on the Data Protection Act and the GDPR requirements.
  • Conducting independent and regular assessments/ audits to ensure the Act and GDPRs compliance.
  • Liaison/ point of contact between the Bank and the Information and Data protection Commissioner.
  • Informs and advises the Bank and staff who carries out processing of their obligations pursuant to the Data protection regulation
  • Draft policies and other governance documentation in relation to protection of personal data and processing operations.
  • Provide advice where requested as regards to the data protection impact assessment and monitor its performance.
  • Monitor non-compliance and escalate any issues where non-compliance is not addressed.
  • Timely revision of the DPA impact assessment to identify control weaknesses for remediation.
  • Ensure that all employees are aware of the Bank`s Data Protection Policy, control mechanisms and the channel of reporting.
  • Prepare monthly and quarterly reports to the Operational Risk Forum, Risk Committee, the Executive Management Team and the Board Risk and Compliance Committee.
  • Timely adherence to regulatory requests by regulators and law enforcement agencies.
  • Timely review of the Data Protection Policy and guidelines.


Minimum requirements

  • Bachelor`s degree in Law (LLB) /Data Information/Information Technology/ Risk Management /Information Security OR any related field,
  • At least 5 years banking experience, 2 of which should have been in the regulatory Compliance/ Legal/ Cyber Security /information technology or audit preferably in a banking environment.
  • A general knowledge and understanding of Data protection and privacy legislation and other core legislations such as Banking Act, Financial Intelligence Act, and the international GDPR
  • Sound knowledge of financial and Banking services will be an advantage.
  • Good computer literacy /knowledge of MS Word, MS Excel and MS Outlook.
  • Ability to communicate effectively, verbally and in writing, to clearly express the logically reasoned ideas.


Related Jobs

Apply Now