Head Of Governance, Risk Management And Compliance Randstad Central Delivery Agent
jobmesh.io
Overview: The Head of Governance, Risk Management and Compliance (GRC), reporting to the General Director, is directly responsible for implementing, maintaining, and improving policies, procedures, and internal controls to ensure compliance with applicable regulatory and legal requirements and best practices while minimizing risks for the organization.
He/she leads risk analysis for strategic and operational internal and external third-party risk assessments, designing controls and implementing best practice processes.
Responsibilities: Governance and Risk Management: Designs and develops the governance and risk analysis strategy in line with the overall strategy, ensuring that adequate control mechanisms are in place.
Carries out risk diagnosis on processes with reference to Italian and European laws, regulations, and standards.
Carries out follow-up actions to risk management actions.
Drafts and monitors annual governance, risk, and compliance budgets considering the organization's strategic plans.
Compliance Management: Oversees the implementation of the function's policies, systems, processes, procedures, and controls to meet all relevant procedural/legislative requirements.
Obligations Related to the Reform of the Third Sector: Acquires information on the reform of the third sector with the support of a tax advisor and informs the areas concerned with an internal consultancy approach.
Ensures the collection and transmission of information required by the Ministry of Foreign Affairs concerning the NGO register and the use of institutional funds.
Verifies compliance with the regulations on the preparation of annual financial and social statements and the keeping of the organization's books.
Tax Obligations: Together with the tax advisor, informs the relevant areas of any updates and changes in regulations concerning their activities.
Supports the management of reporting issues such as error reports or donations made without reporting the tax code.
Verifies that the Finance Department has prepared the 51000 reporting and informs it of any changes in legislation.
Prepares documentation regarding anti-mafia and anti-money laundering legislation, verifying the existence of the necessary requirements for MSF as an NGO.
Obligations Relating to Worker Health & Safety: Coordinates worker safety activities by ensuring that existing procedures are kept up to date.
Oversees the activities of the safety management officer.
Privacy: Acts as Data Protection Officer for all data protection issues or incidents, working with the DPO to ensure consistency and compliance.
Identifies opportunities to implement new systems to improve compliance adoption, employee engagement, and efficiency.
Develops, improves, and operationalizes organization-wide security, risk, and privacy policies, processes, and controls.
Performs monitoring and evaluation of security, risk, and privacy controls on an ongoing basis.
Works with key stakeholders to review critical factors and perform privacy impact assessments as necessary.
Supports procurement in defining contractual clauses concerning privacy.
Oversees the activities of the cybersecurity officer in managing cybersecurity protocols.
Implements measures and a governance framework to manage the use of data in compliance with laws and regulations.
Coordinates privacy training for all employees and contractors.
Organizational Model 231/01: Prepares updates requested by the ODV (Organismo di Vigilanza), including internal procedures.
Ensures internal communication and coordinates mandatory training on the 231/01.
Verifies the Management Team's reporting obligations to the ODV.
Informs the Board of MSF about the need to replace members of the ODV.
Reporting, Monitoring Obligations & MoUs: Ensures compliance with GRC regulatory and legal requirements for agreements and contracts of MSF.
Verifies that the Directorates have updated a database concerning all agreements and MoUs signed by the section.
Legal Disputes: Coordinates the initial actions regarding legal disputes that the organization is called upon to handle.
Acts in support of the crisis teams dedicated to the required legal action.
Qualifications: Key requirements: Bachelor's degree consistent with the profile.
Minimum of 7 years of relevant experience.
#J-18808-Ljbffr