|
|
Training
for Public Sector employees
Information Assurance is currently available at 3
levels depending on your role:
- Protecting Information Level 1: provides
all staff with a basic understanding of why it is important
to protect information.
- Protecting Information Level 2: offers more
in-depth coverage of IA issues aimed at Information Asset Owners
(IAOs), line managers and project managers.
- Protecting Information Level 3: an e-learning
package aimed at new Senior Information Risk Owners (SIROs),
Information Asset Owners (IAOs) and Non-Executive Directors
(NEDs), which follows on logically from level 1 and 2. This
is part 1 of a 2 part learning programme. Successful completion
of the e-learning package is a pre-requisite for attendance
on part 2 of the programme which is a face-to-face event.
Training for new SIROs, IAOs and
NEDs – a new approach
CESG, in consultation with a wide group of government stakeholders,
developed a new approach to training new SIROs, IAOs and NEDs.
- The blended learning programme replaces the successful face-to-face
baseline seminars, which have run since June 2009
- It is a 2-part programme comprising an e-learning package followed
by a face-to-face event
- It includes both new and existing content and takes
account of previous delegate feedback
- The programme also meets the requirement to increase capacity while making cost and efficiency savings.
STEP 1:
E-learning:
The Protecting Information Level 3 e-learning package is part 1 of
the 2-part programme aimed at new SIROs, IAOs and NEDs.
- Provided by CESG, the package builds on the messages contained
in Protecting Information Levels 1 and 2
- Free of charge to all public sector organisations
- Easy to use, modular format
- May also be of interest to others working at a strategic level
with SIROs, IAOs and NEDs
- Four e-learning modules cover:
- Introduction: including an overview of
UK government strategies and relevant legislation.
- The ‘IA Family’: covering
the roles of Cabinet Office, CESG, CPNI, the National Archives,
Ministry of Justice and the Information Commissioner’s
Office; and also giving an overview of those within an organisation
who can help a SIRO, IAO or NED discharge their functions
and provide assurance that Information Assurance activities
are being appropriately implemented
- Risk andThreat: lA basic overview of what
is meant by Information Risk Management, how it differs from
other forms of risk management and how it is similar
- Data Loss: a survival pack for new SIROs,IAOs
and NEDs who may be faced with managing an incident early
in their tenure
- Although the package follows the logical order above, each
module stands in its own right and can be tackled independently
- The package concludes with a 10 question multiple choice
assessment
- Successful completion of the package is a pre-requisite
for attendance on part 2 of the programme, which is a half-day
face-to-face event.
If you have problems accessing the package please contact: virtualschoolpi@nationalschool.gsi.gov.uk.
STEP 2:
Follow-on face-to-face event:
- To be run by The National Archives as of Autumn 2011(previously
run by CESG in association with Cabinet Office, CPNI and the National
Archives)
- Events run quarterly. Only one event need be attended
- Event builds on knowledge acquired in the e-learning
- Topics include:
- Getting to grips with the responsibility for leading and
fostering a mature information handling culture
- Considering the sources of risk which could affect an organisation
- Managing an information loss incident: practical exercises
building on the e-learning which allow for deeper discussion
of the complexities which can arise during an incident.
Note: Organisations covered by the DHR must demonstrate
that they have met the minimum training requirements laid out in paragraph
2.15 of the Data Handling Procedures in Government: Final Report of
June 2008. Completion of this programme is one way to do that. Those
who do use this programme as part of their ongoing information handling
training should supplement it with specific local advice. |
