Deputy General Manager

Pune, Maharashtra
  1. Full Time
  2. Corporate Affairs/PR
Posting date:06 Aug, 2019


Implementation and Compliance with Data Protection and Privacy Policy
Collection and Assessment of Personal Information and Business Sensitive Information through Personal Information and Business Sensitive Information Register (“PI & BI Register”) on quarterly basis from all the Business and Corporate Verticals of Vodafone Shared Services India(VSSI).
Reviewing and updating, (a) Data Protection and Privacy Policy, (b) Privacy Risk Management System, (c) Records Management and Retention Policy, and (d) Privacy Law Enforcement Assistance Document.
carrying out Privacy Risk Impact Assessment (“PRIA”) for VSSI (currently at Pune, Ahmedabad and Bangalore locations) as per DPP Calendar with respect to both Personal Information and Business Sensitive Information.
closure of identified gaps in PRIA, Internal Group Audits and Statutory Audits.
Building and developing DPP Framework for across locations on carrying out Gap Analysis from legal, compliance and technical framework of VGSPL.

Building strong DPP framework for VSSI across locations for ensuring 100% prevention mechanisms against data leaks.

Implementing 5S Process to ensure proper maintenance & storage of official documents, and timely retrieval of documents thereby ensuring Data Protection at VISPL across locations.
Implement the GDPR requirements
Implementation and Compliance with Transition Information Management system under DPP Policies
Integrating existing VSSI Transition Process with, (a) Data Protection and Privacy (“DPP”) Policy, and (b) Group Mandates on Transition Process on liaison with Heads of Transitions and Transition Managers.
Support VSSI Transitions functions by, (a) assessing Transition Information (PI/SPI/BI) through DPP Transitions Register (“Transitions Register”) and Enterprise Risk Register , and (b) providing necessary DPP approvals on, (i) evaluating approved “Business Case” and “Service Specifications” documents, (ii) engaging relevant stakeholders from VSSI, Partner Markets, Enterprise & Group, and (iii) ensuring appropriate compliance with mandated DPP environment.

Provide requisite in auditing Transitions related functions basis the DPP Policy in liaison with Information Technology and IT Support functions. 
Vulnerability Assessments
Lead the maintenance of “Application Register” across VSSI on quarterly basis and engage stakeholders for analyzing the behavior of newly introduced Applications and revised/modified Applications as per DPP (PI & BI) Register.
-Developing and enforcing the data protection and privacy policies and anchor compliance with the privacy laws applicable to the shared service business
-Implementation and Compliance with Transition Information Management system under DPP Policies
-Implementation and Compliance of IT Demands under DPP Policies
-Review and update relevant DPP policies and communicate the same to the larger organisation
-Privacy Assessments of new processes and ad hoc requests and highlight risks pertaining to the same
-Implementation and Compliance with Privacy Principles
-Audit Effectiveness for a. Group internal audit and British Standard (BS) certifications effective Incident reporting management system at VSSI no Data Leaks at policy level
-Support implementation of controls to ensure closure of identified gaps in Privacy Risk Management Framework, Internal Group Audits and Statutory Audits.
-Implementation of 5S Privacy & Security Principles
-Provide requisite support in investigation and resolution of Data Leakage Incidents reported under the DLP in close liaison with Information Security, Legal, Corporate Security functions and relevant Business functions.
-Implement and coordinate DPP KPI monitoring (incl. DPP, Infosec, Physical Sec and Legal related) and report results
-Ensure all DPP related clauses mandated by Group find place in all Data Processing Agreements ("DPAs")VSSI Non-Disclosure Agreements (“NDAs”), Service Level Agreements (“SLAs”) and Master Services Agreements (“MSAs”).
-Awareness of Data Protection and Privacy principles across verticals in VSSI
-Drive the GDPR program initiative
-Identify and highlight the risks observed during the assessments to the Management
-Support vendor assessments to evaluate the Data Protection and security practices implemented within the Vendor environment

  •  Accountability - The incumbent shall be responsible for the Data Protection and Privacy Matters within the Organization
  • Competencies - (A)The person must be a team player who could collaborate with his/her colleagues in the other locations/jurisdictions

(B)Exposure to, (a) Data Protection, Privacy and Information Security activities, (b) Cross Border environment, (c) should have handled Audits and/or Risks portfolios, (d) Telecom regulatory environment, (e) risk management, compliance and assurance, programme / project management

  • KPIs - Accurate and timely implementation and compliance of Data Protection and Privacy policies
    Seamlessly drive Vulnarability assessment
    Seamlessly drive incident reporting management
    Seamlessly organise awareness and training programmes
    Drive audit effectiveness and certifications
    GDPR program implementation



  •  The person must be an able manager of the team as there would be a team reporting into him/her.


Life at Vodafone

Raniya's Work Experience

James "Vodafone changed my life"

James "Vodafone changed my life"