Service Description

This one day course for Senior Information Risk Owners (SIRO) covers all you need to know for the role and responsibilities of the SIRO. This course covers: - The role of the SIRO and associated responsibilities; - Managing working relationships with your Information Asset Owners (IAO), Data Protection Officer and other Information Governance team members; - Information and corporate governance including suggested reporting channels and information assurance; - Information risk management, risk appetite and risk tolerance; - Developing and maintaining an Information Risk Register, guiding you through threats, hazards, controls, and the use of Data Protection Impact Assessments (DPIA); - Security Incident and Breach Management; - Awareness of the legal framework of General Data Protection Regulation (GDPR), Data Protection Act 2018, Data (Use and Access) Act 2025, e-Privacy regulations, cyber resilience and ISO 27001; - Supporting and developing a compliance program; - Achieving compliance with the accountability principle; - Maintaining compliant records of processing activities; - Leading change in organisational culture to one that values and safeguards information and personal data.