Volunteer positions volunteer roles in newcastle upon tyne, tyne and wear

Director of Compliance - (Voluntary)

Status: Voluntary (expenses reimbursed)
Reports to: Board (via the Chair)
Works with: Managing Director, Company Secretary, Head of Programmes, Director of HR, Finance & Compliance Officer
Location: Hybrid (South of England preferred), with occasional site visits
Time commitment: c. 6–8 hours per month, with peaks during audits/incidents
Screening: Enhanced DBS required

Role purpose

To ensure ThriveSpark operates safely, lawfully, and to a consistently high standard by providing independent oversight of safeguarding, data protection, quality assurance, and organisational risk. The Director of Compliance sets proportionate guardrails that enable delivery, maintains the core compliance framework, and advises the Board with clear, evidence-led judgement.

Key responsibilities

1) Compliance framework & policy governance

• Maintain and periodically review the suite of core policies: Safeguarding, Data Protection (UK GDPR), Health & Safety, Quality Assurance, Complaints, Whistleblowing, and related procedures.

• Establish an annual compliance calendar covering policy review, training refreshers, audits, and filings; monitor adherence and report variances.

• Ensure documents are version-controlled, accessible, and aligned across the CIC and (where relevant) the CIO charity arm.

2) Risk management & assurance

• Own the organisational risk register: define risk owners, review quarterly, and ensure mitigations are tracked to closure.

• Design proportionate internal assurance (spot checks, observations, sample reviews) to test policy effectiveness without impeding delivery.

• Produce concise compliance dashboards and narrative reports for the Board, escalating material issues promptly.

3) Safeguarding oversight

• Ensure safeguarding policy and practice meet statutory and sector standards, with clear reporting/ escalation routes and post-incident learning.

• Confirm coverage and currency of safeguarding training for all relevant staff/associates; monitor DBS status and safer-recruitment controls.

• Chair or contribute to incident reviews (including “near misses”) to identify root causes and corrective actions.

4) Data protection & information governance

• Serve as the lead for UK GDPR compliance (or work closely with an appointed DPO as applicable).

• Lead Data Protection Impact Assessments (DPIAs) for new systems, platforms, or data flows; ensure data minimisation, access control, and retention schedules.

• Oversee privacy notices, subject access processes, data breach response, and ICO registration/renewal.

5) Quality assurance (QA) of delivery

• Codify QA standards for programmes (planning, observation, feedback, supervision, reflective practice).

• Coordinate periodic QA reviews with the Head of Programmes; verify that quality actions are implemented and evidenced.

• Support the publication of proportionate impact and compliance statements to clients and stakeholders.

6) External compliance & partner due diligence

• Ensure statutory filings and insurances remain current (e.g., ICO, relevant regulator reporting).

• Oversee due diligence for key suppliers/partners (safeguarding, data protection, insurance, references) and ensure appropriate clauses in contracts.

• Advise on procurement and proportionate contract-management controls.

7) Complaints, concerns & whistleblowing

• Maintain accessible routes for complaints/concerns; ensure timely, fair handling and learning capture.

• Safeguard whistleblowers and assure the Board that concerns are investigated and addressed without detriment.

Success measures (illustrative)

• Risk register reviewed quarterly with actions closed to schedule; Board receives clear, timely assurance.

• 100% completion and currency of mandatory training (safeguarding, data protection) for staff and associates.

• All relevant programmes observed/assured against QA standards at agreed cadence; corrective actions implemented.

• DPIAs completed before any new data processing; zero material data breaches; ICO registration current.

• Safeguarding incidents reported promptly; root-cause analysis and learning actions evidenced.

• Annual policy audit completed; filings and insurances up to date; no missed statutory deadlines.

Person specification

Essential

• Substantial experience in compliance, safeguarding, quality, or risk within education, health, or the social-impact sector.

• Practical command of UK GDPR (including DPIAs, retention schedules, breach management) and confident policy drafting.

• Proven ability to design proportionate assurance, interpret evidence, and communicate concise, actionable findings to Boards.

• Calm, independent judgement; able to balance risk with operational realities and maintain confidentiality.

• Strong written/oral communication; skilled at turning complex requirements into usable guidance for busy teams.

• Commitment to inclusion, ethical practice, and the safety and dignity of beneficiaries.

Desirable

• Experience overseeing mixed workforces (staff, associates, volunteers) and multi-site delivery.

• Familiarity with sector regulators and reporting (e.g., CIC Regulator/Charity Commission context).

• Exposure to ISO-aligned approaches or equivalent quality systems.

• Relevant credentials (e.g., safeguarding lead, information governance, risk/assurance).

Safeguarding, data protection & H&S

This role is subject to an Enhanced DBS check and ongoing safeguarding refresher training. All activity must comply with ThriveSpark policies and legal duties, including UK GDPR, Health & Safety, and sector standards for safeguarding. The director ensures safer-recruitment, data minimisation, and lawful processing are embedded in everyday practice.

Terms of appointment

This is a voluntary position during the current phase. Reasonable expenses will be reimbursed in line with policy. Time commitment averages 6–8 hours per month with additional time during audits or incidents. The Board will periodically review leadership requirements as the organisation scales.