Information Governance Officer

Business Unit: Discovery Central Services Function: Information Security Date: 20 Mar 2025 Discovery - Information Governance and Security Information Governance Officer About Discovery Discoverys core purpose is to make people healthier and to enhance and protect their lives. We seek out and invest in exceptional individuals who understand and support our core purpose, and whose own values align with those of Discovery. Our fast-paced and dynamic environment enables smart, self-driven people to be their best. As global thought leaders, Discovery is passionate about innovating in order to not only achieve financial success, but to ignite positive and meaningful change within our society. About (Information Governance and Security) The Information Governance and Security function within the Discovery Group aims to provide assurance that the organisations information assets are adequately protected against threats on a continual basis. This is achieved by finding the right balance of information security and business freedom. Key Purpose The Information Governance Officer (IGO) supports the Group Chief Information Security Officer (CISO) through the Deputy CISO, with all IT governance and control related functions. Responsible for ensuring that the appropriate policies, procedures, standards, RACI charts and practices for conformance with the respective governance frameworks and mandatory legislation and regulations, are in place as defined. Work closely with information technology, privacy and security personnel to establish and conduct oversight on approach to the use of information and associated technologies. Areas of responsibility may include but not limited

• Establish and assist in the development of appropriate policies, procedures and practices in relation to IT, Privacy and Security governance and planning functions;

• Ensure and monitor the effective implementation of and drive awareness for policies, procedures and standards;

• Manage day-to-day activities - maintaining policies, standards, procedures, training and communication regarding Information Governance;

• In conjunction with Group Legal and Group Compliance, assist in the identification of applicable laws and regulations and assist with the implementation of actions to ensure compliance;

• Exhibit knowledge of governance, legal, compliance and auditing frameworks and apply that in reviewing the quality of existing and new documentation;

• Recognise and identify potential areas where existing policies, standards and procedures require change;

• Support additional internal and external compliance activities as part of the Information Governance and Security department;

• Support key stakeholders and management with governance planning, reporting, advice

Personal Attributes and Skills

• Strong negotiation skills

• Excellent knowledge of Risk, Legal and technology environments

• The ability to articulate security in non-technical business impact terms

• Excellent written and oral presentation skills, ability to lead discussions

• Business Writing Skills, Presentation and Facilitation Skills

• Customer Service Orientation, Result Orientation, Negotiation skills

• Personal organisation and time management skills

• Professional Communication (written, verbal/presenting and listening)

• Interpersonal skills - Ability to build relationships with people from all different backgrounds and at different job levels

Qualifications & Experience

• Basic IT qualifications (A+, N+ or equivalent)

• proven experience

• Documentation and business writing skill

• Risk-related industry-standard qualifications such as CISA, CISM or CGEIT would be a strong recommendation.

• IT related Diploma / Degree

• NIST, COBIT, ISO2700X, and ITIL

• CRISC, CGEIT (understanding of or experience in)

• 5+ Years experience in information technology

• Working knowledge of and/or experience with Risk and compliance

• Working knowledge of applicable industry standards, legislations, etc

• Experience in compliance frameworks for Information Security, Compliance & IT Governance Standards: ISO27001, PCI-DSS, COBIT, King III/IV, NIST

• Strong risk assessment/audit capabilities with hands on experience in many technologies and platforms across a broad range of industries.

EMPLOYMENT EQUITY The Companys approved Employment Equity Plan and Targets will be considered as part of the recruitment process. As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply.