All organisations must designate someone to take responsibility for data protection compliance.
Some are required to appoint a Data Protection Officer.
Future thinking organisations are choosing to appoint a DPO, to help regulate their privacy and build a stronger foundation of trust with their customers.
The GDPR allows for organisations to appoint an external DPO based on a service contract.
If you do appoint a DPO you must notify the ICO.