Head - Business Assurance and Quality

Date: 23-Nov-2022

Location: Noida, South Asia, IN

Company: British Council

The British Council builds connections, understanding and trust between people in the UK and other countries through arts and culture, education and the English language. 
We work in two ways – directly with individuals to transform their lives, and with governments and partners to make a bigger difference for the longer term, creating benefit for millions of people all over the world. We help young people to gain the skills, confidence and connections they are looking for to realise their potential and to participate in strong and inclusive communities. We support them to learn English, to get a high-quality education and to gain internationally recognised qualifications. Our work in arts and culture stimulates creative expression and exchange and nurtures creative enterprise. We connect the best of the UK with the world and the best of the world with the UK. 
These connections lead to an understanding of each other's strengths and of the challenges and values that we share. This builds trust between people in the UK and other nations which endures even when official relations may be strained. We work on the ground in more than 100 countries. In 2019-20 we connected with 80 million people directly and with 791 million overall, including online and through our broadcasts and publications.


Job Title: Head- Business Assurance & Quality


Purpose of job:

Business Assurance is responsible ensuring all the functions and deliveries at the BCMS Shared Service Center are working in safe, secure and compliant manner within the agreed standards, framework and stakeholder agreements within British Council. The main priorities,

areas of responsibility and span for this role include Quality Assurance, Compliance Assurance management, Business Continuity and Crisis Management (BCP), Delivery Governance Assurance, and Knowledge Governance management of BCMS. The main functions of the role


• To support BCMS Service Line in achieving / aligning to BC Quality strategy and objectives through Quality assurance and control activities.

• To develop Business Continuity management for ensuring the safety of workforce, during disruption resuming business critical operations as soon as possible and minimising the damage to business. Handle, manage and lead the Crisis situation that could potentially risk/disrupt business operations

• Liaison and work along with global authories and industry standards to develop Information Security methodologies which are designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorised access, use, misuse, disclosure, destruction, modification, or disruption.

• To enable the deliveries to ensure compliance to all BC standards and Information Quality and Security governance framework.

• Provide appropriate reporting to BCMS operations board.

• Development and institutionalization of KM strategies and measurement framework. Implement internal reviews for documentation, quality, resilience, Security, and compliancy services in co-ordination of SSC delivery teams and functions and conduct spot and planned reviews for continual improvement.


Role context 

Reporting to Head SSC, the Head Business Assurance is responsible to create implementation strategy for below mentioned initiatives:

  • Continuity and Achievement of ISO compliances ISO27000 and ISO22301 (and future ISO as per service strategy and roadmap)
  • Business Continuity Plans, Assurance, testing and Crisis management
  • nformation security management
  • Quality Assurance
  • Knowledge management
  • Compliance to BC standards and Risk management framework
  • Governance Management


Main opportunities/challenges for this role 

Accountabilities, responsibilities and main duties:

The Head Business Assurance is responsible for supporting the below mentioned initiatives:

  • Business Continuity management
  • Setting Business Continuity Management (BCM) Policy, Strategy and ensuring that it is communicated and reviewed periodically
  • Ensuring that BCM processes and requirements, including any templates, are documented and that they are reviewed periodically
  • Ensuring conformity to BCM best practices
  • Coordinating BCM across all functions, locations, assignments
  • Owning, writing and testing BCMS BCM Plan
  • Compliance and certification against ISO 22301 standard.


Information Security

• Setting Information Security Management System (ISMS) Policy, Strategy and ensuring that it is communicated and reviewed periodically

• Consider requests to issue policy exemption certificates and to approve or reject these as appropriate

• Review major incidents - and any other events that have serious information security implications - and the proposed measures to prevent recurrence.

• Review ‘information-related’ risk assessment findings and recommended controls.

• Web application firewall, Physical access, and Data protection

• Facilitate BCMS external security audits (As per BC framework or agreed external agency)

• Compliance and certification against ISO 27001 standard.


Quality Assurance

• Setting Quality Assurance Management System (QAMS) Policy, Framework, Handbook and

Strategy for the organisation.

• The development and implementation of business process controls and compliance

• Support and consultancy to delivery teams to develop and implement appropriate process

management in accordance with the overall Quality Assurance approach.

• Creation, maintenance, and co-ordination of delivery of the Audit Plans

• Ensuring that audit reports are produced, and follow-up actions cleared in a timely manner

• Analysis of audit and review data, trend identification and reporting as inputs to continual improvement

• Facilitate BCMS external quality audits (As per BC framework or agreed external agency)

• Management of records- retention, protection, archival and destruction.


Knowledge management

• Development and institutionalization of KM strategies and measurement framework

• Provide advice and assistance to delivery teams in finding solutions to challenges/issues 3

of 5 Resourcing team November 2010 as they arise.

• Lessons-Learned case studies and meetings to harvest the experience of projects

• Organizing the conduct and implementation of knowledge sharing activities such as workshops, discussion/learning groups, seminars, KM databases

• Compliance and certification against ISO 20000/ CMMI level 3/4 standard. Compliance to British Council internal governance and standards

• Information Management and Record Retention compliance

• Facilitate implementation Enterprise mandatory trainings and awareness

• Information Governance, GDPR and PIA Assessment

• Adherence to and achievement of Information Governance Agreement (IGA)

• Delivery Assurance and Delivery Contract Deliverable Governance

• Organisation awareness on Cyber Security, training and development of awareness,


Skills and resources

• Compliance to Freedom of Information Act of the UK

• Ensuring compliances to child protection policies (either stated by organization/enforced

by law)


Governance & Reviews Management

• Ensure Execution of all tactical governance reviews and their effectiveness

• Ensure information to strategic governance

• Plan, develop and implement an Internal total Compliance Environment for all SSC based

functions and deliveries

• Review of the deliveries for applicable security, business and continuity and information

management controls

• Creation, maintenance, and co-ordination of delivery of the review Plans

• Coordinate audits conducted by the British Council /External bodies



Engineering / Postgraduate in relevant subjects

[Certification in ISO lead auditor with experience of ISO27K AND ISO22301 OR CISM or COBIT or CISSP Certification] PLUS

ITIL Foundation level Certificate


Role specific knowledge and experience

Information Security, Quality, and Business Risk Assurance experience in a similar role in relevant industry Certified Lead Auditor with implementation experience of atleast one ISO

Expert in implementation and maintenance of Information
security(27001) and business continuity management frameworks.
Expert in org. level reporting and balance scorecard
Risk Management

Audit Management


Further Information

Pay Band – 8

Contract Type – Indefinite   

Department/Country- General Management/ India - Noida

Closing Date (Time) – 24th August 22 (IST -23:59)




A connected and trusted UK in a more connected and trusted world.


Equality , Diversity, and Inclusion (EDI) Statement


The British Council is committed to policies and practices of equality, diversity and inclusion across everything we do. We support all staff to make sure their behaviour is consistent with this commitment.  We want to address under representation and encourage applicants from under-represented groups, in particular, but not exclusively, on grounds of ethnicity and disability.  All disabled applicants who meet the essential criteria are guaranteed an interview and we have Disability Confident Employer Status. We welcome discussions about specific requirements or adjustments to enable participation and engagement in our work and activities.


The British Council is committed to safeguarding children, young people and adults who we work with.


We believe that all children and adults everywhere in the world deserve to live in safe environments and have the right to be protected from all forms of abuse, maltreatment and exploitation as set out in article 19, UNCRC (United Nations Convention on the Rights of the Child) 1989.


Appointment to positions where there is direct involvement with vulnerable groups will be dependent on thorough checks being completed; these will include qualification checks, reference checks, identity & criminal record checks in line with legal requirements and with the British Council’s Safeguarding policies for Adults and Children.


If you have any problems with your application please email askhr@britishcouncil.org


Please note: Applications to this role can only be considered when made through the Apply section of our careers website. Our ‘ASK HR’ email is only to be used in case of a technical issue encountered when applying through the careers website. Emails with supporting statements and CV/Resumes sent to this email address will not be reviewed and will be deleted.