Share this Job

Information Governance & Compliance Analyst

Date: Feb 27, 2019

Location: London, United Kingdom

Company: KPMG UK

AutoReq ID142439BR
Job TitleInformation Governance & Compliance Analyst
CountryUnited Kingdom
FunctionKPMG Business Services
Service LineQRM
Service Line InformationQuality and Risk Management are the responsibility of each partner and employee. This responsibility includes the need to understand and adhere to member firm policies and associated procedures in carrying out their day-to-day activities. UK Quality & Risk Management teams help to set, implement and enforce policies and procedures designed to help to enable KPMG UK and its personnel to achieve the following key objectives: (i) oversee and monitor service quality, (ii) protect the brand and reputation of KPMG, (iii) comply with laws, (iv) regulations and professional standards, and (v) minimize the risk of financial claims against KPMG UK.

KPMG OverviewKPMG is part of a global network of firms that offers Audit, Tax & Pensions, Consulting, Deal Advisory and Technology services. Through the talent of over 16,000 colleagues, we bring our creativity and insight to our clients’ most critical challenges.
With offices across the UK, we work with everyone from small start-ups and individuals to major multinationals, in virtually every industry imaginable. Our work is often complex, yet our vision is simple: to be the clear choice for our clients, for our people and for the communities we work in.

Job Description
Job Title: Information Governance & Compliance Analyst
Role Type: FTC - 12 month
Grade: E
Business unit: Governance, Risk & Compliance, Information Assurance
Department: Quality & Risk Management
Working Hours: 9am - 5pm
Location: London


The role holder will be an analyst in the Information Assurance Governance, Risk & Compliance team, supporting the development of information and records management policy and conducting oversight and compliance activities with regard to information and records management.

The role holder will assist both internal and client facing teams by providing expert advice and guidance on the means to manage corporate information and records, in accordance with the firm’s information security policies and industry best practice.


CISO/Head of Information Assurance
Head of Governance, Risk & Compliance, Information Assurance
Business and functional managers; client facing teams
Office of General Counsel



- Support the second line of defence assurance and compliance plan for information and records management and deliver this across the firm
- Support the information and records management aspects of the client assurance and audit process
- Create and maintain best practice guidance, and be the subject matter expert for queries on information and records management matters
- Support the maintenance of the firm’s Records Retention Schedule to reflect the legal, regulatory and business requirements of the firm
- Conduct oversight of record appraisal and disposal processes within the firm across current and legacy systems
- Support the firm’s mission to build client trust and confidence with regard to information and records management
- Stay abreast of industry best practice in relation to information security governance, risk & compliance.

Risk management

- Support the proactive and timely identification, evaluation and management of information/records non-compliance and risk through the central Information Risk Register
- Foster an environment that drives appropriate information risk control behaviour, including early anticipation, identification and mitigation of information risk, escalating issues in line with the Information Risk Management framework


• Contribute to the development, maintenance and communication of the UK firm’s information security policies and in particular the records management policy controls
- Promote good information and records management practice and standards across the firm


• Support the creation and provision of meaningful and actionable management information, including Key Risk Indicators and Key Performance Indicators

Awareness and collaboration

- Establish strong relationships with client facing teams and business and functional managers
- Establish strong relationships with other relevant stakeholders
- Build on and preserve the firm’s reputation with clients, with regard to information governance


Technical knowledge and qualifications

- Minimum of 2 years’ experience in information and records management within an organisation
- Certification in records management and/or information security desirable (and willingness to gain this if necessary)
- Working knowledge of core information and records management concepts and a current understanding of professional practice and issues relating to information and records management
- Good working knowledge of information and records management standards (ISO 15489, ISO 30301, BS10008)
- Working knowledge and experience of electronic document and records management technology
- Practical knowledge of information security standards (eg ISF Standard of Good Practice for Information Security, ISO 27001)
- Understanding of information risk management
- Understanding of privacy requirements (including GDPR)
- Ability to communicate clearly and simply, both verbally and in writing

Leadership skills

• Ability to deal with a broad range of stakeholders at all levels, in a confident and assured manner
- Ability to prioritize and manage a complex workload, including multiple tasks for themselves
- Influencing skills

Analytical skills

- Ability to identify and articulate information and records management requirements, risks and issues, and to make clear and measured recommendations
- Ability to understand business drivers and risk appetite and to align information security compliance accordingly
- Analytical and problem solving skills

Personal qualities

- A self-starter, with a proven need for excellence
- A good team player
- Good inter-personal skills and ability to communicate effectively with stakeholders at all levels
- Multi-cultural awareness and sensitivity
- Strong integrity, independence and resilience
- Excellent attention to detail, as well as the ability to think bigger picture

Our Deal

Flexible Working

Our employees have many varied work schedules to suit their individual needs!

Our intelligent working options range from role sharing and flexible start and finish times, to home working and more informal arrangements agreed within teams.

Check out examples of KPMG employees enjoying different working patterns on our website and please do share your own individual requirements with us.

Applying with a DisabilityAs a member of the Business Disability Forum we're committed to ensuring a great experience for colleagues with a disability. Should you be successful after the initial application stage, please discuss any adjustments that you may require with your recruitment contact.

KPMG's commitment to diversity

We are proud of the value we place on individuality. We want you to bring your full self to work and maximise your potential. KPMG is a place where everyone can thrive, whatever their gender, ethnicity, disability, sexual orientation and socio-economic background.

Policy for Agencies

KPMG has a commitment to sourcing candidates directly and as such we do not accept speculative CV’s from agencies. Please check here to see our policy on agencies: Policy

Job Segment: Compliance, Consulting, Law, Claims, Risk Management, Legal, Technology, Insurance, Finance