Senior Information Risk Owner (SIRO) Training – 17th Oct ’23





17 Oct 2023


9:30 am - 12:00 pm


Online Training


Online Training

  • Call scheduled for 2.5 hours.
  • Presentation will be issued 4 working days in advance.
  • You will need to read the course materials prior to the session, so that at the beginning you can highlight any areas you are specifically unsure of, or any specific issues/scenarios that you want to discuss. These will be factored into the session.
  • After the session, time will be spent reflecting and consolidating training learnt into a development plan.
  • Overall the training will be 6 hours; a CPD certificate will be issued.



Why do you need SIRO training?

Undertaking SIRO information and training helps you to:

  • fulfil your responsibilities as a Senior Information Risk Owner
  • ensure that people who work for you know how to work within Data Protection legislation and without risks to the organisation
  • develop a positive Information Governance culture, where compliant data handling becomes second nature to everyone
  • meet your legal duty to protect the personal information that you hold
  • ensure that everyone is aware of their personal responsibility to exercise good judgement, and to safeguard and share information appropriately.


Effective SIRO training will:

  • enable you to understand how the strategic business goals of the organisation may be impacted by any information risks, and how to take steps to mitigate them
  • help your organisation understand and avoid a data breach
  • help you avoid the financial costs of a data breach and associated costs such as civil damage claims, lost confidence and ICO investigations
  • contribute towards making your employees competent in GDPR and Data Protection requirements.


The law

The GDPR and Data Protection Act 2018 require you to provide a compliant environment for handling personal data.

This is expanded on by the ICO, which emphasises the need for a SIRO to advocate and lead in the provision of a robust Data Protection culture and training, ensuring it is embedded in the organisation, e.g. when people start working with you, on exposure to new or increased privacy risks, and where the existing application of Data Protection may have become casual or processes and knowledge need updating.

SIROs have responsibility for understanding how the strategic business goals of the organisation may be impacted by any information risks, and for taking steps to mitigate them. There are some regulations that include a specific SIRO input, e.g. when you need to meet the standards in the NHS DSP Toolkit.


Who needs SIRO training?

Executive Directors or Senior Management of an organisation with overall responsibility for an organisation’s information risk policy.

A senior member of staff with IG oversight. If you employ managers or supervisors, they need to know what you expect from them in terms of information risks and threats, and how you expect them to deliver.

Most CEOs, Chairs of Boards and trustees will benefit from this training, to understand the value of having a recognisable SIRO, where their role fits in, and how the organisational privacy risks should be managed.


Aims of the course

To equip senior officers in an organisation to understand and address their accountabilities and responsibilities for:

  • Information risk and incident management framework within the organisation
  • Information risk policy
  • Annual information risk review
  • Providing a focal point for communicating information risk policy and issues across the Board
  • Mitigating any identified information risks
  • Fostering and leading an appropriate (security) culture
  • Ensuring a data breach incident reporting process is in place, and a process for Serious Incidents requiring investigations (SIRI) where appropriate
  • Data Privacy Impact Assessment for new projects
  • Briefing the Chief Executive and Board members or Trustees about information risk
  • Documentation and application of risk management methods
  • Identifying and providing guidance to Information Asset Owners for all information assets and ensuring they understand their responsibilities
  • Oversight of and prioritisation of Information Governance activities

Course Provider Name: BLS Stay Compliant