Phil Abrol

Experience

• 

  Aon

  Apr 2001 - Jan 2019

  Key responsibilities:• Leading a team of data protection governance analysts responsible for GDPR compliance and data protection governance for outsourced pension administration.• Implementing and embedding GDPR controls across the business unit, alongside existing data protection governance.• Maintaining ongoing GDPR compliance, documentation and framework.• Maintaining strong relationships with related legal and data privacy departments.• Managing the handling of client and data subject requests.• Investigating data incident causes and implementing resolutions• Working across the business to instil a culture of data protection compliance and privacy by design.Key achievements:• Operated as a “Privacy Champion” for the business unit, so a go-to SME for GDPR and data protection.• Participated in global programmes to ensure group-wide consistency.• Implemented DSR procedures across the business unit, ensuring completion within regulatory deadlines.• Established strong working relationships with other business lines plus legal and data privacy departments.• Completed a detailed Record of Processing Activities for an extensive client base.• Recruited and developed a highly competent team of data protection governance analysts.• Fielded a wide variety of client GDPR queries to a high degree of satisfaction. Show less Key responsibilities:• Working as part of a team of senior analysts within a national transformation team on various large scale and high-profile projects.• Lead Business Analyst on projects with significant organisational impact and importance.• Frequent interaction with senior leadership and management of key stakeholders• Comprehensive process analysis, requirements gathering, documentation, solution design, communication and project implementation.Key achievements:• Projects included:­ the implementation of GDPR, ­ large scale organisational process redesign, and ­ introduction of additional platforms and automation.• Delivery of key operational efficiency improvements, such as workflow automation.• Development, implementation and enhancement of a major new software platform.• Represented business unit on a business analysis SME forum.• Managed large and complex working groups, often including senior people and SMEs. • Comprehensive review, documentation and streamlining of a complex service line. Show less • Worked with a team of analysts and developers on various programmes and projects, with a focus on process improvement, automation and outsourcing.• Gathered and documented requirements, process analysis, liaising with key stakeholders and managing the rollouts and post-rollout support for various artefacts.• Solution design, development and testing.• Delivered improvements in operational efficiency and reduction of risk.• Specification and development of complex calculation models to exacting standards.• Designed and automated the end to end process in which these models operated.• Testing and rigorous quality controls.• Lifecycle management, version control, quality, change and release management.• Data mapping, analysis and reconciliation for client implementations and migrations.• Seconded to Krakow in 2010, working with a team to help set up an outsourcing centre in Krakow, Poland.­ Identified technology and process development needs around the outsourcing of a variety of processes and developing solutions to meet those needs, fulfilling each step of the process lifecycle.­ Trained and managed a local team to own these processes long-term.­ This facilitated a significant expansion in the scale and capability of this office, now one of the largest Aon offices in Europe.• People management, work allocation, capacity planning and performance management. Worked with individuals and teams from other countries and cultures (notably Poland, India and America). • Tendering new business pitches to prospective clients and demonstrating our software and capabilities to new and existing clients.• Significant experience managing project workstreams of various sizes, including use of MS Project as well as a variety of issue tracking and workflow utilities. Show less

  • Data Protection Governance Manager

    Jan 2018 - Jan 2019

  • Senior Business Analyst - GDPR

    Jan 2016 - Jan 2018

  • Senior Business Analyst

    Jan 2013 - Jan 2016

  • Technical Business Analyst

    Jan 2013 - Jan 2013

  • Senior Technical Analyst

    Apr 2001 - Jan 2013
• 

  SCC

  Apr 2019 - May 2021

  Data Protection Manager

  Leading on data protection and GDPR within a governance, risk and compliance function.Designing, implementing and managing a robust and comprehensive data protection framework across a diverse and dynamic business.Key responsibilities:• Designing, implementing and managing all aspects of a data protection framework across a dynamic and complex business and a large client and supplier base• Leading a team of data protection analysts and being part of the management group of a GRC function.• Ownership and accountability for management of data subject rights requests and data incidents• Providing data protection expertise in support of commercial activities such as bids, reviews and contracts• Providing data protection expertise and support across all internal business operations (including IT, security, HR, marketing, sales, finance and others) • Ensuring efficient integration of data protection to business operations and associated reporting• Supporting the development and management of data protection in international subsidiaries• Managing interactions with supervisory authorities (such as the Information Commissioner’s Office)Key Achievements:• The design and build of a new and wide-ranging data protection framework covering all aspects of applicable data protection legislation• Driving cultural change to support data protection initiatives in a challenging business environment• Implementing new assessment processes for managing data protection risks (DPIAs, LIAs, TIAs)• Creating new training and awareness programmes Show less

• 

  Rathbones Group Plc

  May 2021 - Jan 2023

  Data Protection Manager (FTC)

  Looking after all aspects of the data protection framework for this well established investment and wealth management firm and the wider Rathbones Group, including support and advice for acquisitions and a significant organisational change programme.

• 

  RSA

  Jan 2023 - now

  Senior Data Protection Manager