Global Digital Risk Policy Senior Manager

Job description About KPMG International

Together with more than 273,000 colleagues in 143 countries throughout our member firms, people at KPMG imagine big ideas and bring solutions to life for clients both big and small. A role with KPMG International will open a world of opportunity in your career.

KPMG International helps set the strategy and protects the reputation of this global organization of independent professional services firms providing Audit, Tax and Advisory services. We deliver value to our member firms and drive positive change in the communities we serve. By joining us you will gain a unique understanding of how a global organization operates and work on projects that impact the whole organization.

From setting standards and best practices to developing innovative tech-enabled solutions for clients, you'll be part of a global team changing the way our business operates. We look forward to welcoming you to our team.

Global Quality & Risk Management (GQ&RM) helps protect the KPMG brand and reputation by dealing with live issues and learning quickly from challenges across the network. GQ&RM develops globally consistent quality and risk management policies to enable the business to make smart, agile decisions, and we monitor compliance and the quality of delivery across all three functions. GQ&RM is comprised of a number of high-performing teams, including:
Advisory Risk, Audit Risk, Tax & Legal Risk, Digital Risk, Risk Assessment, Monitoring and Reporting, Policy, Independence, Ethics, Business Operations, Transformation and Operations. Working together, our global team is delivering value to our member firms and functions and driving our ambition to become the most trusted and trustworthy professional services firm.

Global Digital Risk Team (GDR) is responsible for the development, maintenance, and assurance of the Firm's critical global information protection policies, and controls. As 2nd Line of Responsibility (2 LOR) GDR also conducts Governance, Assessment and Monitoring to produce insights into known and emerging Digital Risks to provide an enterprise-wide view of risks across the Network. This ensures KPMG consistently and effectively identifies, manages and mitigates Digital Risks across our organization.

The GDR Policy team is responsible for developing, communicating and maintaining policies and related materials addressing information risk, security and privacy in KPMG.

KPMG's policies are designed to meet the firm's business requirements and expectations of external parties and clients. These materials define the minimum baselines for those areas for all KPMG organizations

The Policy Lead is responsible for developing and maintaining Global Information Security Policies and Security Standards, which define the minimum-security baseline for all KPMG entities. The role requires a blend of policy expertise, technical skills, and the management skills to drive policy development and enhancements to ensure that our security baseline meets the firm's business requirements and expectations of external parties, regulators and clients, and is aligned to industry frameworks.

The Policy Lead reports to and supports the GDR Senior Leadership Team.

• Act as the GDR Policy Lead subject matter expert (SME) to develop and update KPMG Global Digital Risk Policies and guidance materials ensuring alignment to industry standards such as ISO and NIST;
• Act as one of GDR's AI Delegates representing GDR on the Global AI Trusted Design Authority Working Group and the GQ&RM AI Taskforce providing policy advice on the adoption of AI at KPMG.
• Manage resources who support Policy Portal Maintenance and the Policy Exceptions Process.
• Provide oversight of the existing Policy Exceptions Process and work with other stakeholder groups to ensure process is fit for purpose and exceptions are reviewed and decided on in a timely manner and in line with Policy.

• Lead the GDR Information Protection Policy Working Group (IPPWG), which is a formal policy governance body made up of KPMG International and Member Firm stakeholders that facilitates the review, updating and voting on Policy materials;
• Coordinate further ratification and communication of new or updated materials to other formal policy governance bodies, such as the Policy Development Working Group and the Global Quality and Risk Management Steering Group
• Working with the central policy team, prepare the pre-read materials and subsequent communication (Special Alert) to communicate updates to GDR policies to the network of member firms.

• Support the GDR Senior Leadership Team in regular tasks related to compliance, attestations and certification audits (specifically ISO
  27K, SOC2, SoQM, IPCR) and Global client requests related to our policy materials.
• Support KPMG's Cyber Insurance submission, responding to Cyber Insurance questionnaires and providing…