Information Governance Officer

Are you passionate about data protection and ready to make a real impact in public service? The Crown Office and Procurator Fiscal Service (COPFS) is looking for a detail-oriented and proactive Information Governance Officer to join our dynamic Information Governance Security Assurance Unit.

In this vital role, you’ll lead on managing data incidents and breaches, support investigations, and help ensure compliance with GDPR and the Data Protection Act 2018. You’ll work closely with the Data Protection Officer and other specialists to uphold the highest standards of information governance and security.

If you have a strong grasp of incident response practices, excellent communication skills, and thrive in a fast-paced environment, we’d love to hear from you.

The Information Governance and Security Assurance Unit
(IGSAU) is a multidisciplinary team responsible for upholding
the highest standards of data protection, transparency, and
organisational security across COPFS.

As our Information Governance Officer (Incident Response),
together with the Data Handling and Records Management
Manager and Data Protection Officer (DPO), you will ensure
that COPFS is compliant with the Data Protection Act 2018
which incorporates the Law Enforcement Directive and the
General Data Protection Regulations in relation to the
investigation of data incidents and breaches.

Responsibilities

• Managing all data incidents and breaches received to the
Data Incidents mailbox. Oversees the handling of low-risk
incidents by the admin team and escalates where
necessary.
• Assisting the DPO with incident and breach audits, including
action chasing and logging actions and updates in the audit
register.
• Escalating any data breaches to the Data Handling &
Records Management Manager and DPO as appropriate.
• Assisting the DPO & Data Handling & Records
Management Manager with ICO investigations and
collecting data for reports when requested.
• Maintaining the data breach register with up-to-date
information.
• Producing or approving statistical analysis done by admins
of data breaches for various committees and forums.
• Providing relevant advice and guidance on incident
response processes.
• Updating the incident processes, forms and templates as
appropriate, in line with best practice, legislative
requirements and feedback received.
• Assisting with the development of data handling training.
• Keeping abreast of relevant best practice and any
regulatory changes and highlighting any changes to line
management.
• Assisting the other Information Governance Officers when
required, helping with any Data Sharing requests when
there is a high volume of requests or during periods of
absence.

Please note these are not exhaustive lists and other
duties may be required as appropriate to the role.

We are looking for a proactive and detail-oriented individual with a strong understanding of incident response methodologies and
best practices. The ideal candidate will have sound knowledge of the General Data Protection Regulation (GDPR), the Data
Protection Act 2018, and the Law Enforcement Directive, and will be confident in applying this knowledge to real-world data
incidents and breaches.

You should have excellent written communication skills, with the ability to draft clear and accurate responses to both internal
stakeholders and data subjects. Strong analytical and problem-solving abilities are essential, as is the capacity to manage multiple
tasks and meet tight deadlines under pressure. You will be highly organised, with a keen eye for detail and a commitment to
maintaining accurate records and registers.

We are seeking someone who is a confident decision-maker, capable of working independently while also contributing effectively to
a collaborative team environment. A proactive approach to continuous improvement, discretion in handling sensitive information,
and a willingness to support colleagues across the wider Information Governance and Security Assurance Unit are also key to
success in this role.

Essential Criteria

Please note the competencies referred to in our application pack form the key essential criteria for the role. You will also be required to
demonstrate:

• Knowledge of incident response methodologies and practices.
• Knowledge of GDPR and the Data Protection Act 2018.
• Strong written communication skills for drafting responses to data subjects and internal stakeholders.
• Ability to manage multiple tasks and meet deadlines under pressure.
• Proficiency in maintaining accurate records and registers

We offer an excellent range of benefits which include:

• • 25 days paid holiday + 11.5 public and privilege holidays (rising to 30 days paid holiday after 4 years).
  • Generous Civil Service Pension employer contribution, on average over 28.97% of your pay
  • Flexible working hours and family friendly approach to work.
  • Cycle to Work Scheme and Season Ticket Loans.
  • Employee Wellbeing Support with Mental Health First Aiders and access to an Employee Assistance Programme.

Job contact :

• Name : Sarah Holmes
• Email : [email protected]

Recruitment team

• Email : [email protected]