Heritage Compliance Officer

Organisation: The National Trust for Scotland

Salary: £33,702 - £37,281 pro-rata, per annum

Location: Edinburgh

This role exists in order to:
1. Develop and implement the processes for capturing, monitoring, and reporting on internal compliance with external-facing and internal-facing policies;
2. Develop and implement the processes for capturing, monitoring, and reporting on identified corporate risks and their mitigations;
3. Advocate risk-management and compliance across the organisation, and pursue non-compliance.

It should be noted that this role does not normally handle financial risk and audit, matters relating to data protection compliance, and health & safety risk and audit.


The National Trust for Scotland is Scotland’s leading conservation organisation, caring for a wide range of national heritage, hosting millions of visitors annually, and acting as a responsible employer for our workforce. As a responsible organisation, the Trust is committed to ensuring we remain compliant with all external and internal requirements, identifying risks, and putting in place appropriate controls and mitigation measures to manage these.

The Policy Team as a central function has oversight over the Trust’s policy and guidance, and is therefore best placed to ensure that all relevant risks have been identified, that appropriate owners have been allocated, and that the necessary controls are in place and are being applied.

The Heritage Compliance role helps establish, maintain and improve the standards with which we care for Scotland’s heritage, and support access, enjoyment and learning.


The main areas of responsibility of this role are to:

• Develop and implement frameworks (applicable across the whole organisation) for identifying and recording risks to our heritage, noting proposed mitigating measures, and monitoring progress towards mitigation measures being implemented to reduce risk.
• Develop and implement frameworks for monitoring overall compliance with Trust policies, for escalating policy breaches to senior management, and for recording and reporting on the Trust’s response to breaches of its policies.
• Work with those identified as risk owners & leads to contribute their input to the risk and compliance frameworks – including coaching individuals to increase understanding of the Trust’s approach and methodology, as well as pushing for participation in those frameworks.
• Collate and systemise information relating to risk/compliance (including evidence of compliance), and prepare ExCo/Board-ready reports for the Head of PPR&E to keep senior executives and non-executives well-informed of corporate risk and mitigations, and to record/track agreed strategies for encouraging compliance and the reduction of risk.
• Develop and deliver appropriate training on risk/compliance as a concept, as well as the frameworks and tools used within the Trust to capture and manage risk/compliance.
• Liaise with external partners tasked with supporting the Trust with risk and compliance matters.
• Ensure that the Trust’s frameworks for capturing and governing risk/compliance are cognisant of industry ‘best practice’ and fit for purpose within the context of the Trust.


People Management
• Not a line manager.
• Works across all operational levels of the organisation, and may, from time to time, work with members of the Board (in particular the Audit & Risk Management Committee), and the senior management team (“ExCo”: comprising the CEO and Directors).
• Establishes and actively engages with a peer-network for risk/compliance within the heritage/not-for-profit sector.
• Works with external suppliers/advisers.

Finance Management
• Not a budget-holder.

Application Deadline: Friday 16/12/2022