Senior Information Risk Owner

The Senior Information Risk Owner (SIRO) is a Corporate Management Team member who takes overall ownership of the organisation’s information risk management policy, acts as an advocate for information risk at board level and makes the annual statement of internal control of information risk. 

Key responsibilities

• Provides a focal point for managing information risks and incidents including:

• • process for information risk assessment
  • review and agreement of information risk mitigating actions
  • discussion and resolution of information assurance issues
    
    
• Fosters a culture for the security and protection of information alongside the requirements for open and transparent communications
• Promotes the assurance of all information assets held by the organisation and its partners on its behalf.
• Keeps the Corporate Management Team and Cabinet informed of information assurance issues.

Contact

The SIRO is Gareth Pawlett.