Head of ISO Compliance & Legal

The main responsibility of a Head of ISO Compliance and Legal is to oversee and ensure regulatory compliance and legal throughout the organization. This role combines the responsibilities of both ISO compliance and legal functions, with a focus on upholding ethical and regulatory standards and managing legal risks, safeguarding the company’s interests. In addition, as a Board of Management member, the Head of ISO Compliance and Legal provides strategic leadership, governance, and oversight to an organization.

ISO COMPLIANCE: 60%

• Regulatory Compliance: Overseeing compliance with specific regulations that apply to the BPO industry, such as data protection and privacy laws, ISO9000, ISO27000, labor laws, financial regulations, and any other applicable regulatory frameworks. Monitoring Implement QISMS (ISO9000, ISO 27000) in coordination with executive and mid-level management.
• Policy and Procedure Development: Developing and implementing comprehensive compliance policies, procedures, and controls to ensure adherence to QISMS, GDPR requirements. This includes drafting and reviewing internal policies, codes of conduct, and compliance manuals.
• Risk Assessment and Management: Identifying compliance risks associated with the company's operations, processes. Assessing the potential impact of these risks and developing strategies to mitigate them.
• Internal Investigations: Conducting internal investigations in response to suspected violations of laws, regulations, or company policies. Ensuring thorough and impartial investigations, implementing corrective actions when necessary, and reporting findings to senior management.
• Internal & External Audit Management: Manage external and internal audits, including reviewing materials that require attention for accuracy and properly adhering to stakeholders’ expectations. Conduct periodic compliance audits and assessments to evaluate the effectiveness of the compliance program and make necessary improvements.
• Ethics and Governance: Promoting ethical behavior and ensuring compliance with the company’s governance principles. Providing guidance on ethical dilemmas and fostering a culture of integrity and accountability within the organization.
• Training and Awareness: Conducting training programs and awareness campaigns to educate employees about ISO compliance requirements, promoting a culture of compliance throughout the organization.

LEGAL: 40%

• Legal Compliance: Ensuring the company's compliance with all relevant laws, regulations, and industry standards. This involves staying updated on legal developments, assessing their impact on the company, and implementing policies and procedures to maintain compliance.
• Legal Advice and Counsel: Providing legal advice and guidance to senior management and other departments within the organization. This includes assessing the legal implications of business decisions, providing guidance on potential risks, and offering legal solutions to support business objectives.
• Contract Management: Reviewing and negotiating contracts with clients, vendors, and partners to ensure legal compliance and protect the company's interests. Assessing contractual risks and advising on appropriate risk mitigation strategies.
• External Relationships: Liaising with external legal counsel, regulatory authorities, and industry associations to stay informed about legal and compliance developments, seek guidance when needed, and represent the company's interests in regulatory matters.
• Reporting and Documentation Management: Ensuring timely and accurate reporting to regulatory authorities as required. Maintaining accurate records, documentation, and reporting systems related to legal and compliance matters. Initiating license registrations, and renewal procedures in a timely manner.