SIRO Training Course (Senior Information Risk Owner): All you need to know
SIRO Training Course overview
This is a one day SIRO training course for Senior Information Risk Owners that covers the role and responsibilities of the SIRO.
We will cover how to manage working relationships with your Information Asset Owners, Data Protection Officer and other Information Governance team members. How to develop and maintain an Information Risk Register. We will guide you through threats, hazards, controls, and the use of Data Protection Impact Assessments (DPIA).
New to the role of Senior Information Risk Owner (SIRO) or need an update, this is the course for you. It is an in depth course covering the role and responsibilities of the SIRO. We will cover how to manage working relationships with your Information Asset Owners, Data Protection Officer and other Information Governance team members. How to develop and maintain an Information Risk Register.
We will guide you through threats, hazards, controls, and the use of Data Protection Impact Assessments (DPIA).
The course also covers the legal framework of General Data Protection Regulation (GDPR), Data Protection Act 2018, e-Privacy regulations, cyber resilience and ISO 27001, all of which you will need to have knowledge of as a SIRO. We will also look at the importance of leadership, supporting and developing a compliance program, the accountability principle and records of processing activities.
SIRO Training Course Programme
|9.15 - 9:30||Refreshments and Registration|
|9.30 - 10:00||Background to Senior Information Risk Owner (SIRO) roles and responsibilities.
Who should be the SIRO?
Differences between; SIRO & DPO & Caldicott Guardian
SIRO & DPO & Caldicott Guardian
|10.00 - 11:30|| National Picture - Information Security Management System 27001, Cyber Essentials Plus, Public Services Network and the Data Security and Protection Toolkit
National Reviews - Health and Social Care
Legal Framework - Data Protection Act 2018
Accountability and Records of Processing Activities
What is Personal and Sensitive?
SIRO Framework = Information Risk Radar
GDPR Information Risk Management
What is your risk appetite?
Do you know what you need to protect? or what you need to have in place?
Risks, Threats, Vulnerabilities, Controls and Potential outcomes. Examples of Threats
Scenario: Key Systems
|11.30 - 11:45||Refreshment Break|
|11.45 - 13:00||Risks do not go away - Plan, Do, Check and Act
Scenario; Data Breach
Example Data Breaches
Personal data breaches
You have become aware of a breach - What should you do?
Breach Assessment Grid
National Cyber Security Center - 10 steps; Cyber security, Password Security
|13.00 - 13:30||Lunch|
|13.30 - 14:45||Data Protection Impact Assessments
Exercise; Information Asset Owners & Administrators
Exercise; What are the Daily IAO/IAA Tasks
Exercise; Information Asset Register
Why do you need a Information Asset Register?
Exercise; Information Asset Register Checklist
Exercise; Information Asset Risk Assessment
Information Asset Management & Data Flow Mapping and Create Your Own Data Flow Map.
Pseudonymisation, Anonymisation and Encryption. Primary and Secondary use of data.
|14.45 - 15:00||Coffee|
|15.00 - 16:30||Information Security Risk Management
Scenario: Data Flow Mapping
Exercise: Create Your Own Data Flow Map
What is forensic readiness?
Simple example of Pseudonymisation
Anonymisation and Encryption
Primary and Secondary use of data
Information Security Management System
Build a Culture of Information Management
What the SIRO did next?
|16.30||Summary and Final Questions|
SIRO Training Course Dates
|Cardiff||7th November 2019||Places Available|
|London||16th January 2020||Places Available|
|Manchester||22nd January 2020||Places Available|
|Cardiff||25th March 2020||Places Available|
Want to know more about our SIRO Trainers?
Our Trainers are amazing, between us we have over 100 years of experience working in information Governance.
Leadership Through Data provide bespoke training courses that are custom made to your needs. Bespoke courses provide an exclusive learning and development opportunity which is cost effective.
If you did not find the course you are looking please contact us and we can discuss and design the right course for you. For a no obligation quote, email firstname.lastname@example.org or call 07931566007 or 01206 807267
All prices include the attendance of 15 delegates, a course workbook, additional reading, slide handouts, an LTD delegate folder, a pen and a CPD certificate. If booked in advance, we offer a 4 week after care package.