Current timestamp: 17/06/2026 01:40:14
AgeAlertAnonymousAppealsApplicationsApply Or RegisterArea OutlineArrow DownArrow LeftArrow RightArrow UpAutomatic DoorsBack ArrowBusinessCalendarCashArrow DownArrow LeftArrow RightArrow Down[Missing text '/SvgIcons/Symbols/Titles/icon-chrome' for 'English (United Kingdom)']ClockCloseContactDirectionsDocumentDownloadDrawDrugExpandExternal LinkFacebookFb CommentFb LikeFiletype DefaultFiletype DocFiletype PdfFiletype PptFiletype XlsFinance[Missing text '/SvgIcons/Symbols/Titles/icon-firefox' for 'English (United Kingdom)']First AidFlickrFraudGive FeedbackGlobeGuide DogHealthHearing ImpairedInduction LoopInfoInstagramIntercom[Missing text '/SvgIcons/Symbols/Titles/icon-internet-explorer' for 'English (United Kingdom)']LaptopLiftLinkedinLocal Activity[Missing text '/SvgIcons/Symbols/Titles/icon-location' for 'English (United Kingdom)']LoudspeakerLow CounterMailMapMap PinMembershipMenuMenu 2[Missing text '/SvgIcons/Symbols/Titles/icon-microsoft-edge' for 'English (United Kingdom)']Missing PeopleMobility ImpairmentNationalityNorth PointerOne Mile RadiusOverviewPagesPaper PlaneParkingPdfPhonePinterestPlayPushchairRefreshReportRequestRestart[Missing text '/SvgIcons/Symbols/Titles/icon-rotate-clockwise' for 'English (United Kingdom)']Rss[Missing text '/SvgIcons/Symbols/Titles/icon-safari' for 'English (United Kingdom)']SearchShareSign LanguageSnapchatStart AgainStatsStats And Prevention AdviceStopSubscribeTargetTattosTell Us AboutTickTumblrTwenty Four HoursTwitter LikeTwitter ReplyTwitter RetweetUploadVisually ImpairedWhatsappWheelchairWheelchair AssistedWheelchair ParkingWheelchair RampWheelchair WcYoutubeZoom InZoom Out

Leave this site

Skip to main content

Skip to main navigation

Welcome

This site is a beta, which means it's a work in progress and we'll be adding more to it over the next few weeks. Your feedback helps us make things better, so please let us know what you think.

Data Protection Compliance Manager

Job title: Data Protection Compliance Manager
Grade: PO 2
Role code: EUX1230
Status: Police Staff
Home Office code: Organisational Support

Main purpose of the role:

Reporting to the Force Data Protection Officer (DPO), the Data Protection Compliance Manager will act as the tactical lead for information-based risk, specifically leading on data protection audit-based activity for the Force (to identify, assess and mitigate information-based risk). The role will line manage the Data Protection specific resources. Activities will include development of force-wide data protection audit schedule, and duties associated to supporting the Information Asset Register. The role also acts as an auxiliary resource for assuring police systems, where demand exceeds the working capacity of the Force Information Security Officer and/or Information Security Accreditor. This position may be required to assist with policy and procedure development, regulatory and standards compliance, risk assessments/management, and other related information assurance activities.

Main responsibilities:

  • Manage information-based risk, specifically leading on data protection audit-based activity for the Force and general day-to-day management of the Forces Information Asset Register. Activity will be centred around identifying areas of non-compliance and risk, by managing activity associated to data protection auditing (both via site visits, Information Asset Register (IAR) audits etc.). Any areas of residual risk will be escalated via the appropriate channels, including to risk star chamber, or the Learning the Lessons Board or other Board - any escalation will be agreed by the Force DPO).
  • Develop and deliver force-wide data protection audit schedule. This is a requirement of the UK General Data Protection Regulation (GDPR) (and not currently resourced in Essex Police). The data protection audit schedule is owned by the Force DPO. This audit activity is required to not only satisfy the obligation as set on Controllers within data protection law, but to specifically to action the high-risk recommendation made by the Information Commissioners 2018/19 audit of Essex Police
  • Co-ordinate activity associated to the Information Asset Register, as directed by the Force DPO. The IAR is a legal requirement of the UK GDPR and requires regular maintenance to keep it compliant.
  • Deputise for the Force Data Protection Officer - where it is deemed appropriate to do so, as it is required. This may include responsibilities for training members of the Professionalism Command or the wider force.
  • Manage and co-ordinate activity associated to the decommissioning of IT systems, working closely with ITD lead and Information Asset Owners. This activity is required to reduce the cyber-related risk associated to continuing to support obsolete systems on the KEP network.
  • Act as an auxiliary resource for assuring police systems, where demand exceeds the working capacity of the Force Information Security Officer and/or Information Security Accreditor. To ensure that the Force is compliant with national policing information assurance requirements and Codes of Connection.
  • This position may be required to assist with policy and procedure development, regulatory and standards compliance, risk assessments/management, and other related information assurance activities.
  • Any reasonable management request in relation to supporting activity concerning information-based risk and/or data protection compliance.

September 2022

Necessary experience:

The post holder will be required to have a good working knowledge of Data Protection Legislation and the responsibilities of the Data Protection Officer and the Senior Information Risk Owner roles. A formal data protection qualification, BCS Practitioners Certificate in Data Protection. The post holder will need evidence of 2-5 years previous experience in a data protection environment.

The post holder will have experience working in an Information Security/Assurance environment, a minimum of 2 years experience. The BCS certificate in Information Security Management Principles (CISMP) would be desirable.

Line management experience and experience of assuring systems in accordance with national policing information assurance

Behaviours

We are emotionally aware (Level 2)

  • I help other people learn from their experiences and emotional responses to support and improve their performance.
  • I monitor the wellbeing of others, taking responsibility to ensure appropriate support is provided to help colleagues stay at their best, without stigma or judgement.
  • I provide others with confidence by staying focused and composed in stressful situations.
  • I recognise when my colleagues are affected by the demands, stresses and traumas that can exist in policing, and support them however I can.
  • I role model reflecting on my own emotions to promote an open environment to discuss concerns.
  • I role model effective communication, taking into account the needs of others.
  • I promote a culture that values understanding difference and encourages speaking up.

We take ownership (Level 2)

  • I delegate appropriately by giving clear direction that recognises people's strengths and potential to achieve more.
  • I monitor progress of my team and work to ensure deadlines are met and my team are clear on their objectives.
  • I take ownership of individual and team performance, not leaving it to others to address problems.
  • I take personal responsibility for seeing events through to a satisfactory conclusion and dealing with any problems both promptly and openly.
  • I am proactive in supporting actions that tackle the bias or prejudice that may be experienced by some groups of people.

We collaborate (Level 2)

  • I create a work environment that combines diverse styles, backgrounds and experiences to get better results.
  • I build strong relationships across a broad range of stakeholders, including colleagues, partners and communities, and use these connections to accomplish goals.
  • I work with partners to decide clear roles appropriate to each partner's remit.
  • I include others in my thinking and understand their priorities to make collaboration more effective.
  • I help create joined-up solutions across organisational and geographical boundaries, partner organisations and the people we serve.
  • I manage long-term partnerships sharing information and building trust to find the best solutions.

We support and inspire (Level 2)

  • I support others to understand their aims and wider organisational goals so they can work more effectively. I help others understand organisational changes and help them adapt to and adopt these to deliver better results.
  • I manage resources efficiently to create the most value and to deliver the right impact in my areas.
  • I take time to understand and provide the support people need to work at their best.
  • I show support that helps people feel safe and valued in raising concerns.
  • I create opportunities to support the professional development of others through knowledge sharing, coaching, mentoring and feedback.

We analyse critically (Level 2)

  • I help people be more effective by sharing the best available information and professional knowledge from diverse sources.
  • I ask incisive questions to test assumptions and separate opinion from fact.
  • I recognise when to take decisive action with incomplete information and plan for contingencies.
  • I draw effective conclusions from diverse sources of information and evidence and apply these to deliver results.
  • I assess options to make the best use of resources available, applying business and financial acumen to deliver best results.

We are innovative and open-minded (Level 2)

  • I am flexible in my approach, changing my plans to make sure that I have the best impact.
  • I look for good practice that is not always from policing and consider how I apply it in my role.
  • I provide space and encouragement to help others stand back and review their objectives and approach. This helps them to adopt fresh perspectives and identify improvements.
  • I anticipate future challenges and changes by using my knowledge of trends within and outside policing.
  • I generate creative ways to harness opportunities or meet challenges that arise from changing trends in policing.

Values

Courage

This means making, communicating and being accountable for decisions, and standing against anything that could bring our profession into disrepute.

When we are motivated by courage, we actively uphold the ethical standards of the police service so that we do the right thing even when the circumstances are difficult. We set good examples, challenge unprofessional behaviour and all forms of prejudice and discriminatory behaviour, and any activity which undermines the impartiality of policing.

We build and maintain the confidence of the public, our colleagues and partners through the way we conduct ourselves. We maintain professional boundaries with those we serve and work with to help protect ourselves and those around us.

We are open about what we have done and why and keep our promises so we can be relied on when needed. We support an environment where ethical issues or unprofessional actions can be raised, questioned, challenged, reported and addressed.

We are honest and open in our interactions and decision making. We have the courage to respond to criticism with professionalism.

Respect and empathy

This means encouraging, listening to and understanding the views of others, and seeking to recognise and respond to the physical, mental and emotional challenges that we and other people may face.

When we are motivated by respect and empathy, we ensure people feel valued and listened to. We treat them with patience and courtesy where possible, recognising that sometimes we may need to prioritise safety and security. We give them opportunities to share their views and take these views into account. We seek to understand other people’s perspectives and recognise they can differ from our own.

We engage with people who have a wide range of experiences and needs and provide a service that takes into account each individual’s unique circumstances. We ensure everyone, regardless of background or circumstance, is treated equally and fairly, recognising the need to tailor our responses to individual needs to ensure we are being fair and respectful.

We understand and recognise that people may respond differently to the same situation.

We are careful to recognise and manage our biases, so they do not stop us from engaging with people with different needs and experiences equally and fairly.

Public service

When we are motivated by public service, we respect the authority and influence afforded to us by our role in society and the responsibility we have in using our policing powers. We apply those powers lawfully, proportionately and when necessary.

As we strive to help deliver good outcomes for the public we serve, we seek to find opportunities to learn and improve ourselves as professionals. We reflect on our actions and decisions to see what could be changed to improve the service we offer the public.

We have a responsibility to ensure that we act in the best interest of society as a whole. Improving the safety and wellbeing of the public underpins all that we do. We respond to different communities, taking into account their history and experiences including trauma and adversity.

Technical skills

Business Planning Level 4

  • Gathers relevant information and statistics to support the business planning process at Division / Department level.
  • Identifies key objectives in order to improve local performance and ensures these are aligned with the Force Strategic Aims.
  • Effectively communicates agreed objectives and targets to the local workforce.
  • Plans for and ensures the best use of resources and value for money.

Data and Systems Security Level 3

  • Able to undertake the testing of data to ascertain accuracy and can report findings and implications to the appropriate authority.
  • Can create and request non standard reports from systems and interpret information supplied from system and audit logs.
  • Recognises when technology has been misused and displays discretion in identifying the appropriate response.
  • Aware of the software, hardware and environmental controls that should be in place and whether they are operating effectively.
  • Familiar with a range of force systems, networks, their use and registration.
  • Possession of Qualification in Computer Auditing (QiCA) is desirable.

Health and Safety Level 3

  • Has a basic understanding of Health and Safety issues affecting the current role and working environment.
  • Takes responsibility for personal safety and the safety of others.
  • Aware of hazards and reports problems identified to line manager.
  • Understands and minimises the physical risk of injury through the use of proper manual handling procedures.

Information Gathering and Analysis - Level 4

  • Is able to identify reliable and appropriate sources of information and select methods of gathering information which are efficient and effective.
  • Has a working knowledge of legislation and policy relevant to the collection, recording, storage and distribution of information.

Information Management and Technology - Level 4

  • Can conduct basic computer searches and can correctly interpret data generated.
  • Can create and amend records, according to role requirement.
  • Knows established rules and protocols.
  • Understands impact of data quality, and is self-monitoring on data quality issues.

Inspection - Level 4

  • Undertakes risk analysis to determine areas within the organisation that need to be reviewed.
  • Is able to design specific tests that provide for findings that add value to the inspection process and the Force.
  • Can translate findings into reports that are well presented and easily understood.
  • Understands significance of findings and can interpret them to identify their impact upon the Force.
  • Produces options for consideration.
  • Continuously monitors internal, and Force systems under review, to ascertain best value.

Internal Consultancy - Level 4

  • Demonstrates an in depth knowledge of the relevant specialist area and combines this with high level consultancy skills.
  • Develops collaborative relationships with internal clients and works with them to achieve joint objectives and targets.
  • Maintains an up to date awareness of all developments which may affect Force business and policies and proactively advises clients of all relevant matters.

Interviewing - General Level 3

  • Demonstrates the ability to conduct effective routine interviews for a variety of purposes.
  • Prepares and plans carefully and is clear about the purpose of the interview.
  • Asks relevant questions and is able to obtain the required information.
  • Regularly reviews personal interview performance.
  • Adapts style to suit the needs of the interview.

Knowledge of Police Environment and Policy - Level 5

  • Has a thorough understanding of the police service, nationally and locally, and is proactive in developing proposals which affect the way Kent Police and/or Essex Police operates.
  • Possesses a detailed understanding of the inter-relationships between activities, roles, functions, and how organisation structures and police systems work.
  • Understands and impacts on working procedures, practices and policies within areas of responsibility and ensures that these are followed at all times.
  • Contributes to force goals and is accountable for delivering local business plan objectives.

Management of Police Information (MOPI) Level 5

  • Has sufficient understanding of the NPCC records management policies be able to offer appropriate guidance and support to staff.
  • Is able to identify the appropriate MOPI group for any record with a policing purpose and ensure that all policing records within the team are retained, reviewed or destroyed in line with the MOPI codes of practice.
  • Quality assures staff to ensure a full understanding and compliance with the APP for Information Management (incorporating MOPI guidance), highlighting failings and taking appropriate action as required.
  • Ensures training and/or refresher training is provided and completed. Ensures that systems are correctly linked together to ensure effective management and recording of information across systems.
  • Appropriately reviews digital information held on system(s) and physical records in storage to ensure that they are retained only where there is a policing purpose.
  • Complies with relevant policies and procedures in respect of prioritisation, sanitisation, dissemination, sharing, relevancy, accuracy, adequacy and timeliness.

Office Technology - Level 4

  • Demonstrates advanced skills in the use of one or more office software products.
  • Able to use these packages to enhance the quality or presentation of work required within the role.
  • Manages data files and file structures.
  • Provides on the job training and guidance to other staff in the use of specific or specialist software, if required.
  • Familiar with established IT rules and protocols and shows a good understanding of data protection requirements.

Project Management Level 3

  • Demonstrates an understanding of the key principles of project management.
  • Able to assist in the management of projects within a Department or Division where the objectives, milestones and timescales have already been defined and manpower resources are limited.
  • Will need project management support.

Risk Management Level 3

  • Demonstrates an awareness of personal risk management issues, challenges or difficulties likely to affect the post holder in the execution of their duties.
  • Able to anticipate risks likely to affect their work and knows how to communicate the likelihood and possible impacts of such events to line managers or supervisors.

Training Level 3

  • Able to present and convey ideas and new/ revised procedures, on a one to one or group basis, to a logical and well structured plan.
  • Aware of a variety of training techniques, tools and principles.