Enterprise Data & AI Regulatory Risk Lead

Key Skills

Aartificial intelligence, Analytical and Problem solving, Data management, Effective communication skills, Enterprise Architect, Information science, Management, Regulatory Compliance

Job Description

The Enterprise Data & AI Regulatory Risk lead is a new role within the Enterprise Data Office team (EDO). The role will work closely with partners across AZ to establish and drive an enterprise approach to how we understand the Data and AI regulatory environment that impacts AZ, how we resolve associated Data and AI risks and establish the processes and procedures for risk mitigation and awareness. Across AZ. The role will lead the enterprise data and AI regulatory intelligence capability that ensures AZ has both visibility of the external regulatory environment and understands the impact on the way that we conduct our business. You also will be responsible for developing and manging a comprehensive set of standards and controls for Data and AI risk management within AstraZeneca.

As a key member of the EDO will work together with partners and teams across AZ to ensure that Data and AI risks are identified, owned, and led, at the appropriate level within AZ, be that Business, Technology or Enterprise level.

Establishing and reporting of Data and AI risks along with owning the partner concern of critical risks via AZ’s Data and AI governance and Risk Networks will be a crucial aspect of the role, thereby driving a culture of open Data and AI risk management within AZ

You will be responsible for developing an enterprise education and awareness program to unsure that employees understand the risk that ungoverned use of Data and AI poses to our business and licence to operate and that individuals understand their responsibilities and are empowered to report potential data and AI risks and issues.

We operate a federated governance model with the Enterprise Data Office (EDO) at the centre which resolves standard methodologies and governance model. Where data is truly enterprise the ownership of enterprise Data and AI risks will initially sit with this role, although wherever possible the responsibility will be federated to the business areas, each of which has its own data office. This approach will ensure that there will always be a clear set of accountabilities for mastering and governing data. The role has a direct responsibility for assuring that the federated responsibilities are aligned with, and the identification and management of Data and AI risks associated with failure to enforce with our standards and policies.

Key Accountabilities

Responsibilities will be expected to evolve over time as our approach to Regulatory Risk matures and develops. They will include but will not be restricted to leading and carrying out

• Build and maintain a detailed assessment of AZ’s approach to Data and AI Regulatory Risk, to ensure we see opportunities for standardised ways of working that meet our regulatory and compliance needs.
• Identify the need for and establish appropriate standards, guidelines, roles and responsibilities for Data and AI regulatory risk management.
• Drive ownership accountability and Data and AI responsibility for regulatory risk in the business community.
• Lead a matrix team of specialists in Data and AI regulatory risk who will also develop an education and awareness program across AZ user types about the need for, and the embedding of good regulatory risk policies and practices throughout the company.
• Establish standard process for partnering with business users who consume AZ data to ensure AZ maximises the value from its data.
• Embed and align Data and AI regulatory risk activity with privacy and information security programmes and initiatives.
• Use specialist knowledge and expertise to identify improvements to ensure that the enterprise Data and Ai regulatory risk standards continue to evolve to meet the changing regulatory and business landscape.
• Continually assess and identify risks in line with the AZ risk management approach, ensuring they are owned and as appropriate mitigated and accounted for.

Experience and Knowledge

• A good understanding of Data and AI regulatory risk practices and carrying out business audits and requirements gathering.
• A post graduate information management or data management qualification or extensive experience working within an information or data management setting.
• Experience in leading a data-oriented programme
• Understanding of the principles of IT security and data protection
• Solid ability to extract information by questioning, active listening and interviewing
• An understanding of relevant statutory frameworks applying to data governance such as the (e.g. Data Protection Act)
• Specialist knowledge of Data and AI regulatory risk principles and practices.
• Superb communication and social skills – able to collaborate closely with employees at all levels.
• Strong analytical and problem solving skills
• Excellent writing skills, with the ability to produce clear requirements, specifications and documentation
• Demonstrable ability to communicate embed business process and system wide changes to a technical and non-technical audience.
• Ability to work under stress and manage conflicting priorities.