Request Received: 21 November 2023
Responded: 19 December 2023
Q: Name of organisation SIRO (Senior Information Risk Owner) or similar post (Chief Information Governance Officer etc), or responsible person for SIRO duties.
A: SIRO: Claire Morris
Q: Contact email of person named in request No. 1.
Q: Name of organisation DPO (Data Protection Officer) or responsible person for DPO duties.
A: DPO: Claire Morris
Q: Contact email of DPO.
Q: Have you appointed, or do you plan on appointing or delegating the position of IAO to any employees?
A: No
Q: Whom is responsible for the leading IAO structure, I.E. the SIRO/’Lead’ IAO/Head of Governance/Head of Corporate Services etc.?
A: Head of Business Services and Assurance.
Q: Whom is responsible for reviewing and implementing any training needs for the IAO’s? (A job title is fine)
A: Head of Business Services and Assurance.
Q: Spend on external IAO training over the past 5 years, per year (financial year), or is the training delivered internally (if at all)?
A: £0
Q: Are you or have you considered becoming ISO 27001 compliant or certified?
A: No
Q: Following on from previous question, If so whom is/would be responsible for implementation or exploration of ISO 27001? (as in, the person/job title)
A: Claire Morris Head of Business Services and Assurance.
