Natalie Walker, Compliance Standards Manager
In this ‘My IPI journey’ blog series, we’ll take a look at the different paths IPI people have taken to get to their current position, providing inspiration to others on how they can map out their career path within IPI and guidance for those who are looking to join the IPI family.
When did you join IPI and what was you first position?
I joined IPI in 2016 as Projects & Operations Administrator. I was responsible for managing the DesktopLive product, which involved project management, billing, user list administration, IT equipment builds, and building relationships with clients. I also tracked and managed all the assets purchased internally and for our clients.
I was also responsible for scheduling the engineers – for example, when they should be with each client, what work needed to completed during that time, what project work needed fulfilling and organising out of hours rotas.
Tell us why you joined IPI in the first place – what attracted you to the job, the company and the opportunity?
I was initially part of Managed Networks, an IT solutions provider to West End theatres, which was acquired by IPI in 2019. It’s been a great journey joining the IPI family, and I was particularly attracted to opportunity to develop my own role and learn on the job. I was able to create new processes and solutions to current problems, which was extremely rewarding.
When I transitioned over, the hiring manager was very welcoming, and I got the chance to meet some of the team before joining, which was a fantastic way to get a feel of the culture and working environment. Suffice to say that I was impressed with what I saw!
What made you consider an internal move and how did you get there?
From Projects & Operations Administrator in 2016, I moved to become the team’s Coordinator in 2017. Then in 2019, after some internal discussions with leadership about the need to focus on more security and compliance aspects within the company, something I noticed had great potentional but needed some fine-tuning, I was promoted to Compliance & Operations Manager in 2019.
This role straddled both Operations and Security. After some discussions internally about what I wanted my role to be, what we wanted to achieve in both areas, and where the focus needed to be from an IPI perspective, the role of Compliance Standards Manager was specifically developed and created for me. Now, with the operations aspect handled by another team member, I am able to fully dedicate my time to enhancing and improving the compliance and security aspects within the company, areas that I really enjoy working on.
IPI was hugely supportive and open to developing this role with me, and it was fantastic that I was able to take ownership of the security and compliance areas. For example, when we initially looked at ISO 27001 certification (an international standard on how to manage information security) there was no official owner, so I added it into my current role as it aligned with a lot of the work I was originally doing.
What support have you had throughout your IPI journey?
At the beginning of my IPI compliance journey, I received a lot of advice, both internally at IPI and externally from other professionals in the field, on how the official compliance frameworks work, what should be in place in an organisation and tips on how to achieve regulatory compliance. These frameworks provide a guide on what best practices look like in an organisation, so these were the basis of my original knowledge.
I built on this through webinars, further research and training supported by IPI. This includes a membership to IT governance professional organisation ISACA, paid for by IPI, which provides monthly training sessions on every aspect of compliance and IT governance, as well as speaking sessions from some of the best people in the field. IPI has also recently signed up to LinkedIn Learning, which has been a wonderful resource for me to enhance my knowledge and skills.
In addition, colleagues from all corners of the IPI family provided me with mentoring and advice. These colleagues – including from the legal and Platforms departments – started similar compliance journeys at the same time as me and we have become a shared source of knowledge and guidance.
Tell us about your new team?
The Security and Compliance team sits within the Platform Solutions team. The team as a whole is very close knit – we have daily check-ins and monthly calls where we collaborate on how to continuously improve the security element of the Platforms Solutions, and we all have a good relationship with each other.
I also collaborate closely on a regular basis with pretty much every department within IPI, from legal to finance to the IPI service desk.
What does a typical day look like in your current role?
A typical day will involve policy and process development, meetings to discuss a client’s security questionnaire required for a bid, reviewing the security credentials for a new IPI supplier, and working on reports and documentation in the event of a security breach or malicious attack at IPI. I also do my best to keep on top of the latest security news and trends every day, though the day sometimes gets away from me!
What do you love about your role?
My role gives me a lot of flexibility to focus on particular areas of the business, as security and compliance reach all corners of IPI. I love being able to set my own schedule and decide what I want to work on. I can set a timeline for the year based on areas we want to improve internally at IPI. I am responsible for the success of these improvements, which is nerve-racking but exciting!
It’s also been really great to collaborate with everyone across IPI, and work together to embed the compliance frameworks and accreditations into the IPI culture so that they’re second nature to everyone.
What advice would you give other people looking to make a similar move?
You need to be interested in the topic. Some areas can be quite dry such as reading UK legislation, so you have to have the interest from the get-go.
Also, attend webinars and talks by people in similar areas to understand what is involved in the role as it can be very varied.
What is next for you?
With IPI’s support and investment, I am planning to start the Certified Information Security Manager qualification. This includes exams and at least five years of security and compliance experience before you can be certified. I’m currently on three years of experience in this field, so I still have a bit of a journey to go, but I can’t wait.