0121 222 5630

Email Aristi Ltd Follow Aristi Ltd on Facebook Follow Aristi Ltd on Twitter Follow Aristi Ltd on LinkedIn Follow Aristi Ltd on Google Plus


You are here:

SIRO, Accreditor & IAO Training.

Security Training

Aristi has developed a number of training courses to enable key roles within Central & Local Government and Emergency Services to make effective security decisions.

Effective information security is about making good risk based decisions and involves senior management support, good governance and embedding a security culture within the business. Key to this is the identification and training of specific roles such as:

  • Senior Information Risk Owner (SIRO)
  • Accreditor/Information Security Officer (ISO)
  • IT Security Officer (ITSO)
  • Information Asset Owners (IAO)

Aristi can provide training for these key roles as well as general security awareness training for staff. Training can be provided on site or at our training facilities in Birmingham. All training courses can be tailored to reflect specific requirements and can be based on your business rather than generic theory.

Accreditor/ISO Training

Our three day Risk Management Concepts course for Accreditors/Information Security Officers and IT Security Officers has been updated to include the recent changes to the IA landscape (IS1 no longer mandated, move to Government Security Classifications, more pragmatic use of ‘Accreditation’ and ‘RMADS’).

The course covers:

  • Key IA roles and responsibilities
  • Building a governance structure for delivering effective IA
  • New Government Security Classifications (GSC)
  • Risk Management principles
  • Selecting control measures for risk mitigation
  • Critically assessing risk assessments
  • Developing security documentation
  • Making Security decisions

Many public sector organisations use prescriptive risk assessment methodologies without any real thinking behind them so end up mitigating theoretical risks rather than the real risks. On the course we look at how risk assessments can be used effectively to identify the real risks to the business and how these risks can be contextualised so that they are meaningful to senior management/SIROs. The limitations of traditional risk assessment methodologies are also explored and we cover the key inputs you need to the risk assessment process to make it effective.

We also look at how Accreditation is miss-understood and how a more effective and business focused process can be implemented.

The course consists of instructor lead sessions, practical exercises and scenario based role play sessions to gain an appreciation of building and presenting a security case to the board.

SIRO Training

Information Security is a business responsibility. Our SIRO training is a one day course for Private Sector, Government and Emergency Services SIROs, board members and senior management to enable them to understand their roles and responsibilities as business owners of information security and the associated risks.

The course covers:

  • SIRO role and responsibilities
  • Development of a governance structure to deliver effective Information Assurance
  • Data handling and classification
  • Development of an information risk management regime to support the business
  • Data Protection and the new General Data Protection Regulation (GDPR)
  • Cloud security

IAO Training

IAOs play a key role in the risk management process and therefore need to understand their responsibilities to enable them to be effective. Our one day IAO training workshops are designed for groups of IAOs to learn about the role and share knowledge with fellow IAOs. These workshops are often delivered on site as IAOs tend to be senior managers and taking a number of senior people out of the organisation for a day is not always practical.

The course covers:

  • Definition of an IAO
  • IAO role responsibilities
  • Key questions an IAO should be able to answer
  • Risk management for IAOs
  • Data handling and Classification
  • Data Protection and the new General Data Protection Regulation (GDPR)

Course Dates for 2018

Accreditor/Information Security Officer Training – Birmingham

Please contact us at training@aristi.co.uk for details.

Senior Information Risk Owner Training – Birmingham

Wednesday 10th October 2018

Tuesday 13th November 2018

Tuesday 8th January 2019

Tuesday 5th February 2019

Tuesday 5th March 2019

Tuesday 2nd April 2019

Tuesday 7th May 2019

Tuesday 4th June 2019

Tuesday 2nd July 2019

Tuesday 6th August 2019

Tuesday 3rd September 2019

Tuesday 8th October 2019

Tuesday 5th November 2019

IAO Training – on site

Please contact us at training@aristi.co.uk to arrange an onsite IAO workshop.


Please contact Aristi to discuss your requirements. Filling in the form below is the quickest way to get in touch with the relevant person at Aristi.


Keep up-to-date with insights and info on all areas of Information Assurance, Information Security, Penetration Testing & Data Sharing from the award-winning consultants Aristi.

Latest Tweets

Looking forward to exhibiting at the Emergency Services Show this week. #ESS2018
Cyber security firm offers free GDPR seminars | GBCCBirmingham-based data protection and cyber security specialists… https://t.co/BtNQx4ORts
Virtual Data Protection Officer https://t.co/Lp0sA0A0uT

Subscribe to our Newsletter

Latest Blog Posts

  • Virtual Data Protection Officer

    The GDPR introduces a duty for you to appoint a data protection officer (DPO) if you are a public authority, or if you carry out certain types of processing activities. To support your on going GDPR compliance and management requirements, we can provide a Virtual Data Protection Officer (vDPO) service giving you access to independent […]

    Written on Thursday, 10 May 2018
  • Protecting Businesses with Cyber Essentials

    The lack of basic cyber security controls remains a significant factor in the vast majority of cyber attacks in the UK today. Businesses are left worried about hackers, data loss and security, and are not sure where to turn. The scale of the threat is nothing new.  The media now regularly covering stories of data […]

    Written on Monday, 05 March 2018
  • Are Phishing Emails still a problem?

    There is so much technology and software available these days, preventing malware and malicious emails from getting into our systems that you have to ask are phishing emails still a problem? One of the most used communication technologies is still email due to its versatility and ease of use. However, because of this we now […]

    Written on Friday, 02 March 2018