Cyber Security: Information Asset Owners (IAOs)

In an increasingly digitalised world, it is vital that Financial Services organisations foster a culture which values and protects their important information assets. 

Every organisation implementing Cyber Security best practices will have Information Asset Owners (IAOs) or their equivalent. IAOs are responsible individuals who are involved in the running of the business. Their role is to identify, manage and report on key information assets for which they have accountability, as part of the organisation’s overall governance structure.

The introduction of the Data Protection Act 2018 and the General Data Protection Regulation (GDPR) 2018, has made the classification and safeguarding of personal and sensitive information an even greater compliance priority. Under the new legislation, an organisation compromised by a serious data breach can face financial penalties of upto €20 million or 4% of its global annual turnover. As well as the financial implications, organisations could also face business disruption, reputational damage and loss in customer and stakeholder confidence. In a rapidly evolving Cyber Threat environment, it is important therefore, that the IAO stays current and undergoes relevant role-based training on a regular basis.

Certified by GCHQ and IISP, our comprehensive one day course is aimed at Cyber Security and Information Assurance training for IAOs and for senior managers with responsibility for protecting and exploiting business critical information. Delegates will be provided with a safe and stimulating forum to discuss roles and responsibilities, key issues and challenges, along with examples of best practice. The course will equip delegates with in-depth knowledge and opportunities to apply their learning through real-world case studies and to effect positive changes in their role with immediate effect.

KEY LEARNING OBJECTIVES:

• Understanding of Cyber Security and Information Assurance and why this is critical for business;
• Understanding of the current Threat landscape and trends;
• Overview of key legislation and regulation;
• Understanding of best practice leadership and governance and how the IAO role fits;
• Understanding of IAO roles and responsibilities including metrics and reporting; 
• Understanding of the IAO role and Business Information Risk Management to build Cyber resilience and foster a positive culture that values and protects information appropriately.

Business leaders who have been nominated as:

• Information Asset Owners (IAOs)
• Senior Information Asset Owners (SIAOs)

Edward Wolton
Edward Wolton is a GCHQ Certified Trainer for a range of courses, with extensive experience in training delivery to senior audiences across government and global organisations in a multitude of commercial sectors. These include Chief Executives/Accounting Officers, Senior Information Risk Owners (SIROs), Chief Risk Officers and other C-level executives on boards and with their direct reports.
He is the Deputy Chief Executive of Templar Executives. Edward has worked in the fields of Cyber Security and Information Assurance for 17 years offering strategic advice, consultancy, delivering audits and technical services, as well as running practical workshops for seniors and specialist to develop and improve Cyber maturity.
As well as holding Cyber Security and Information Assurance qualifications, Edward has also led a number of industry forums. These include including Chair UK Multi-Agency - Cyber Strategic Governance Group, Chair Information Assurance Collaboration, Defence and Security Forum and is a mentor for the Journeyman Scheme for The Royal Chartered Worshipful Company of Information Technologists.

09:30 Introductions and objectives for the workshop
An overview of the IAO role
The Cyber Threat landscape and trends - focus on the Financial Sector with real examples and scenarios

10:30 Short break

10:45 Legislation, Supervisory Authorities, and consequences of non-compliance

11:45 Best practice strategy, leadership and governance
Key stakeholders and support
Letters of Delegation
How to identify, prioritise and categorise information assets

12:45 Lunch break

• A sandwich lunch will be provided and an opportunity for you to network with the trainer and other delegates

13:45 Business Information Risk Management
Risk Appetite, classification and controls

14:45 Key industry standards
Reporting and key performance indicators
Building an IAO community and sharing learning

15:30 Short break

15:45 Incident Management and building cyber resilience

16:15 Scenario within Financial Sector to consolidate learning

17:00 Q&A, Feedback and Close

IA Member £375.00 +VAT
Non-Member £450.00 +VAT

Pay using a credit card online, or if you wish to be invoiced please email your full details to: Training@theia.org

PLEASE NOTE: Full payment for the course must be made prior to the course commencement date.

Any cancellation must be made in writing. For all cancellation received 15-30 days prior to the course start date, 50% of the course fee is still payable. No refund is given for a cancellation made 14 days or less prior to the commencement of a course. Transferring from one course to another is treated as a cancellation. You can substitute one delegate for another at no additional cost. In this instance, please give two business days’ notice.