0121 222 5630

Email Aristi Ltd Follow Aristi Ltd on Facebook Follow Aristi Ltd on Twitter Follow Aristi Ltd on LinkedIn Follow Aristi Ltd on Google Plus

IT Security Training.
Made Effective.

You are here:Home»Services»SIRO, Accreditor & IAO Training

SIRO, Accreditor & IAO Training.

Security  Training

Aristi has developed a number of training courses to enable key roles within Central & Local Government and Emergency Services to make effective security decisions.


Effective information security is about making good risk based decisions and involves senior management support, good governance and embedding a security culture within the business. Key to this is the identification and training of specific roles such as:

  • Senior Information Risk Owner (SIRO)
  • Accreditor/Information Security Officer (ISO)
  • IT Security Officer (ITSO)
  • Information Asset Owners (IAO)

Aristi can provide training for these key roles as well as general security awareness training for staff. Training can be provided on site or at our training facilities in Birmingham. All training courses can be tailored to reflect specific requirements and can be based on your business rather than generic theory.

Accreditor/ISO Training

Our three day Risk Management Concepts course for Accreditors/Information Security Officers and IT Security Officers has been updated to include the recent changes to the IA landscape (IS1 no longer mandated, move to Government Security Classifications, more pragmatic use of ‘Accreditation’ and ‘RMADS’).

The course covers:

  • Key IA roles and responsibilities
  • Building a governance structure for delivering effective IA
  • New Government Security Classifications (GSC) 
  • Risk Management principles
  • Selecting control measures for risk mitigation
  • Critically assessing risk assessments
  • Developing security documentation
  • Making Security decisions

Many public sector organisations use prescriptive risk assessment methodologies without any real thinking behind them so end up mitigating theoretical risks rather than the real risks. On the course we look at how risk assessments can be used effectively to identify the real risks to the business and how these risks can be contextualised so that they are meaningful to senior management/SIROs. The limitations of traditional risk assessment methodologies are also explored and we cover the key inputs you need to the risk assessment process to make it effective.

We also look at how Accreditation is miss-understood and how a more effective and business focused process can be implemented.

The course consists of instructor lead sessions, practical exercises and scenario based role play sessions to gain an appreciation of building and presenting a security case to the board.

SIRO Training

Information Security is a business responsibility. Our SIRO training is a one day course for Private Sector, Government and Emergency Services SIROs, board members and senior management to enable them to understand their roles and responsibilities as business owners of information security and the associated risks.

The course covers:

  • SIRO role and responsibilties
  • Development of a governance structure to deliver effective Information Assurance
  • Data handling and classification
  • Development of an information risk management regime to support the business
  • Data Protection and the new General Data Protection Regulation (GDPR)
  • Cloud security

IAO Training

IAOs play a key role in the risk management process and therefore need to understand their responsibilities to enable them to be effective. Our one day IAO training workshops are designed for groups of IAOs to learn about the role and share knowledge with fellow IAOs. These workshops are often delivered on site as IAOs tend to be senior managers and taking a number of senior people out of the organisation for a day is not always practical.

The course covers:

  • Definition of an IAO
  • IAO role responsibilities
  • Key questions an IAO should be able to answer
  • Risk management for IAOs
  • Data handling and Classification
  • Data Protection and the new General Data Protection Regulation (GDPR)

Course Dates for 2017

Accreditor/Information Security Officer Training - Birmingham

Please contact us at This email address is being protected from spambots. You need JavaScript enabled to view it. for details.

Senior Information Risk Owner Training - Birmingham

Tuesday 5th September 2017 (Spaces Available)

To book a place please email This email address is being protected from spambots. You need JavaScript enabled to view it.

IAO Training - on site

Please contact us at This email address is being protected from spambots. You need JavaScript enabled to view it. to arrange an onsite IAO workshop.



Keep up-to-date with insights and info on all areas of Information Assurance, Information Security, Penetration Testing & Data Sharing from the award-winning consultants Aristi.

Latest Tweets

GDPR is nearly here! We are running an awareness course on 17th Oct. contact training@aristi.co.uk for details.
Today is your last chance to save on #CyberEssentials with #Aristi and the #IASME #cybersafecharities week! See:… https://t.co/p9K2rb00UG
Aristi & IASME are helping charities bolster their cyber security with a week of discounts! See https://t.co/6Gk94sNSeB #cybersafecharities

Subscribe to our Newsletter

Latest Blog Posts

  • Are you ready for GDPR?
    Are you ready for GDPR? The General Data Protection Regulation (GDPR) is a new legal framework that applies in the…
    Written on Monday, 13 March 2017 10:07
  • Is your organisation safe from Cyber Attack?
    Is your organisation safe from Cyber Attack? Cyber attacks are not a new phenomenon. Malicious hacking attacks on information systems…
    Written on Tuesday, 13 September 2016 15:50
  • 2016 Cyber Security Briefing
     To reserve your place at the Cyber Security Briefing:CLICK HERE To reserve your place at the Cyber Security Briefing: CLICK…
    Written on Monday, 21 March 2016 14:22