Catalyst

Inspire Inclusion: A Day in the Life of Compliance and Process Manager.

Meet Tatiana Mordvinova, Compliance and Process Manager at Catalyst Europe, who ensures everything the company does adheres to the relevant UK laws and regulations in information security and data protection.

In this special International Womens Day blog post, Tatiana takes us through a typical day in her role, explaining her key responsibilities, what she enjoys most, and the skills needed to thrive in this field. She also shares valuable advice for young women interested in pursuing a career in information security and data protection.

Together let’s break down the barriers, inspire inclusion, and show the path to success.

What does your role involve?

My role is to make sure that what we do at Catalyst is compliant with the relevant UK laws and regulations, in the space of information security and data protection. We are also ISO27001 certified and that helps us ensure an even higher level of thoroughness when it comes to protecting our customers’ and our own data. 

I enjoy working with different functions across Catalyst. A big part of my role is raising awareness and training people in all roles and working closely with them to implement information security best practices. 

I love that my role touches on every single aspect of the business. I have regular meetings with the Head of Technology who oversees security in technical space, and I also get to work with our E-learning consultants on designing internal training, with our Marketing lead, Project managers, Internal Services team – that would be around risk management in projects and supply chain. I also work closely with the Site Reliability Engineering team, on some fun tabletop exercises in information security. 

I get to poke my nose in everyone’s business and I learn loads from doing that!

My main responsibilities are:

– look after our Information Security Management System – it’s called that because it applies to everything in business, from locking the office door to making sure passwords are strong and suppliers are checked 

– train our lovely people – a lot! 

– making sure our data protection documentation is top notch

– working closely with the senior leadership team, so they’re always kept in the loop!

– writing things down – all the time – in a systematic way. I like to think of it as running my own library – everything is beautifully catalogued and everyone knows where to look for things.

Describe your typical working day?

A lot of the time I am writing documentation – in a way that will make sense to other people (and to my own self later on) and will be easy to maintain, so I try to keep it simple and well formatted. 

My job can never be done well in isolation so often I will have meetings with people to discuss how data protection and risk assessment fit in with what they do. I am unhealthily obsessed with action points. I will often break discussion down into what exactly needs to be done and who will do it and then send friendly reminders to people :-).

Tell us about the last piece of work you were proud of?

We have just finished annual review of our Information Security Management System. It’s always nice to look back on the year gone: how have we addressed the risks we previously identified, what is the wider context the business is operating in from the information security point of view, and what risks but also opportunities arise from it? It is nice to have some space to sit down with the Senior Leadership Team and do some quality thinking around it.

What advice would you give to women interested in a career in information security and data protection?

Although information security is a largely technical field, there are non-technical roles that are required to ensure compliance in this space. Therefore what matters most is the ability to organise and categorise processes, have analytical mindset to create streamlined documentation, people skills to deliver training and have good rapport with staff to make sure they feel comfortable reporting any security events and are happy to collaborate. These skills are very common in women, as they are in men, and a woman from any background can step into my role, if she puts her mind to it. 

A lot of what I have learnt in my role has not come just from the certified learning courses, it has come from reading legislation news every day, asking lots of questions and focusing on internal progress rather than worrying if I come across as an expert at all times.

Best piece of advice you’ve been given?

Intellectual humility is a good thing. It allows you to consider other people’s opinions and the possibility that you might be wrong sometimes. Ability to consider multiple perspectives and learn from it and being humble about your own knowledge is smart.