Online or Classroom

Every course purposefully designed

Risk Management in IG

Effective risk identification and risk management are not just best practices for organisations; they are obligations under GDPR and the Data Protection Act 2018 to demonstrate accountability, ensure data security and safeguard data subjects’ rights.

A robust risk management process helps identify vulnerabilities, reduces the likelihood of data breaches, helps complete DPIAs and provides evidence of GDPR compliance. Unfortunately, the GDPR is silent on how organisations should assess and quantify risk, which means information governance professionals have to consider generic guidance from other sectors.

In this workshop you will gain critical insights and practical tools to identify, assess, and mitigate information risks in your organisation. Designed for information governance professionals, it delivers actionable strategies, real-world examples, and expert guidance to strengthen your risk posture and support compliance.

By the end of the workshop, you will be able to map information assets, threats, and vulnerabilities to assess real-world risks, produce a risk register tailored to your organisation, make informed decisions on mitigating or accepting specific risks and begin embedding a risk aware approach in daily operations, projects, and strategic planning.

Key Topics

  • The role of risk management in data protection compliance
  • Key frameworks (ISO 27005, NIST RMF, FAIR)
  • Identifying and assessing risks
  • The 5 risk management steps
  • Identifying threats and vulnerabilities
  • Assessing severity and likelihood of risk
  • Risk response strategies
  • Selecting effective controls
  • Applying a risk matrix
  • Identifying risk appetite
  • Planning and implementing controls
  • Risk reporting and culture

Dates & Cost

Online

£449 plus VAT

Classroom

£499 plus VAT

Timings: 10am to 4pm

 
Date: 15 Jan 2026
Location: Online
BOOK
Date: 10 Mar 2026
Location: Online
BOOK
Date: 12 May 2026
Location: Online
BOOK
Date: 13 Jul 2026
Location: Online
BOOK
Date: 15 Sep 2026
Location: Online
BOOK
Date: 05 Nov 2026
Location: Online
BOOK
More dates
Advanced search
Download Flyer
Download Flyer

Course tutors

All our associates are experienced information governance professionals who have been training and advising in this field for many years.

  • Philip Jones

    Course Tutor


    Philip has 40 years of information management experience in the public and private sectors both as a practitioner and at a senior management level. He was Head of Information Governance at Staffordshire Council. Philip holds a masters degree in information management and an MBA. He is a senior associate for Act Now and Chair of the Exam Panel.

  • Scott Sammons

    Course Tutor


    Scott is an information governance specialist with over 15 years of experience. He has delivered a number international projects for Act Now Training and is a senior tutor on the Advanced Certificate in GDPR Practice. His previous roles include European Data Protection Lead for a bank and GDPR Implementation lead for a council. He is a former Chair of the IRMS.

  • Susan Wolf

    Course Tutor


    Susan holds a judicial position as a Fee Paid Member of the Upper Tribunal (Information Rights). She spent ten years teaching the LLM in Information Rights Law at Northumbria University and developed their Postgraduate Certificate in Data Protection Law and Information Governance. Susan is one of the senior curriculum developers for Act Now Training.

  • Lynn Wyeth

    Course Tutor


    Lynn is the Head of Information Governance for a large local authority and has over 20 years of experience as a practitioner. She holds a post graduate diploma in Information Rights, the CISMP certificate and is an accredited HSCIPP privacy practitioner. She is the author of two books and is currently undertaking a PhD. Her experience is across GDPR, FOI and RIPA.

  • Iain Harrison

    Course Tutor


    Iain is currently an Information Governance Risk Manager for a large local authority and has over 20 years of experience. He has been delivering training for Act Now for over 7 years in GDPR and FOI for public, private and charitable organisations. His extensive experience in planning and implementation of Information Rights legislation allows him to bring training sessions to life.

  • Kirsty Squires

    Course Tutor


    Kirsty is currently a DPO for a number of local authorities and has over 15 years of experience in Data Governance. She has led the IG Project Team on transformation projects to deliver local government restructure in Northamptonshire, dealing with issues including information sharing, data protection by design and leading on training and policy development.

  • Naomi Matthews

    Course Tutor


    Naomi is a local authority lawyer and holds a judicial position as a Fee Paid Member of the Upper Tribunal (Information Rights). She has extensive experience in all areas of information compliance and RIPA. Her training has been commended by RIPA inspectors and her advice has helped many local authorities understand the law and practicalities of covert surveillance.

  • Suzanne Ballabás

    Course Tutor


    Suzanne Ballabás, is a privacy professional with over ten years of practical experience in implementing privacy practices across various international organisations, in addition to acting as a compliance officer for multiple regulated entities within the UAE’s financial districts of DIFC and ADGM.

  • Olu Odeniyi

    Course Tutor


    Olu Odeniyi is a Cyber Security, Information Security and Digital Transformation Trusted Advisor who has 30 years' experience helping organisations maximise gain from technology solutions, including optimisation of business operations and processes. During this time, Olu held several key senior leadership, strategic and operational positions, in the public and private sectors.

  • Robert Bateman

    Course Tutor


    Robert Bateman is a trainer and writer specialising in privacy, data protection, security, and AI. He is a respected voice on privacy and has been writing, researching, and leading conversations in the field since 2017.

  • Craig Geddes

    Course Tutor


    Craig is a qualified archivist and records manager, with 28 years experience working across the range of information governance activities. He has worked for several Scottish local authorities as Archivist, Records Manager, and Senior Information and Improvement Officer.

What our clients say about us

    I would highly recommend the GDPR Practitioner Course. The Tutor was extremely knowledgeable and gave plenty of chance for group conversation or individual questions. A great course for anyone wanting to expand their knowledge of GDPR and understand putting the principles into practise.
    SL, BCH

    I would highly recommend the GDPR Practitioner Course. The Tutor was extremely knowledgeable and gave plenty of chance for group conversation or individual questions. A great course for anyone wanting to expand their knowledge of GDPR and understand putting the principles into practise.
    SL, BCH

    I learned so much! The course was just the right balance of theory and practical, and was very well delivered.
    CB, CHAS

    The course was very useful as an IG Officer. The trainer was knowledgeable and explained some complex aspects of the legislation using interesting examples and real life scenarios. As a refresher, even with lots of work experience behind me, it was very useful to undertake the Practitioner course. The course materials and handbook are invaluable and I know I will re-use them in conjunction with my usual resources.
    NC, Lincolnshire County Council

    A very practical and all-encompassing coverage of the UK GDPR provided over 4 days. Although 4 days is not enough time to cover this whole subject in depth, there was just enough covered with further resources and links provided within the sessions to cover all aspects of the GDPR to a level at which I now feel a lot more confident in my role. Thank you, Kirsty!
    SW, Norwich University of the Arts