Summary of Role
The ICR is seeking an exceptional non-executive who is a Cyber Security Expert to join its Audit and Risk Committee which provides assurance to the Board of Trustees on the adequacy and effectiveness of the ICR’s:
- Risk management, control environment and governance
- External Financial Audit and internal audit
- Value for Money
- The management and quality assurance of data
Key Requirements
The Audit & Risk Committee are looking for a non-executive:
- To assure the Board of Trustees about the adequacy and effectiveness of the ICR’s governance, risk management and control environment, including financial, operational, cyber, digital and data-related risks.
- Promote a culture where cyber resilience is understood as part of the charity’s overall governance and risk management
- Oversight of management’s cyber maturity roadmap and investment in cyber resilience and digital controls.
- Oversight of cyber and digital risks arising from third-party suppliers, research partners, and NHS interfaces.
- Assurance over the protection of sensitive research data, patient-related data and intellectual property.
- Assurance over technology, cyber and data controls through internal audit reviews, independent assessments or external benchmarking where appropriate.
- Ensure the organisation regularly identifies, assesses, and prioritises cyber risks and has adequate policies, controls, and frameworks in place
- Ensure the organisation has an up‑to‑date incident response plan, business continuity plan, and disaster recovery arrangements
Department/Directorate Information
Audit & Risk Committee is sub-Committee of the ICR's Board of Trustees, which is the ICR's governing body. The Board is responsible for ensuring the ICR pursues its charitable objects, complies with its constitution and relevant legislation and regulations, applies its resources exclusively to its objects, and enacts cancer research of the highest international standard. Further information on our Board can be found here.