Leads the provision of information security resources, expertise, guidance and systems necessary to execute strategic and operational plans across all the organisation’s information systems. This includes executive responsibility and accountability for the management of threats to confidentiality, integrity, availability, accountability and relevant compliance, and for security control reviews, business risk assessments and reviews that follow significant breaches of security controls. In the case of breach, undertakes the duties of data protection officer to ensure that registration and notification of the breach is done in accordance with GDPR legislation.