IT Governance can support your organisation to protect the networks, data and services that the UK depends upon. Our wide-ranging experience of working across the public sector means we are well placed to understand and meet your specific needs.
New regulations and high-profile cyber incidents place higher expectations on all organisations. For the public sector, approaching data protection and cyber security proactively reassures stakeholders and reduces the risks to the highly sensitive data in your care.
Developing cyber resilience
No organisation is immune to cyber attacks or data breaches, but high-profile public sector organisations are particularly attractive to cyber criminals. The serious nature of your operations and the sensitivity of the data you hold means that being resilient to such attacks is critical. Cyber resilience is a cultural approach that not only helps protect against cyber risks and attacks, but also limits their severity and ensures you can continue to operate when an attack or breach does occur.
The Cyber Resilience Strategy for Scotland
IT Governance is a Scottish Government-approved cyber security services supplier.
All public-sector bodies in Scotland are now required to take urgent measures to develop cyber resilience and become “exemplars” in online security. One of the first requirements was to achieve Cyber Essentials or Cyber Essentials Plus certification by October 2018.
Find out how we can support your certification >>
Achieving GDPR and DPA 2018 compliance
We offer a range of products and services to support compliance with the GDPR (General Data Protection Regulation) and DPA (Data Protection Act) 2018.
Read about the GDPR here >>
Read about the DPA 2018 here >>
Certified training for your DPO
IT Governance’s certified DPO training is suitable for serving DPOs and delivers the background that you need to better perform your role. The masterclass course is suitable for those with the GDPR Foundation qualification. Delegates with the GDPR Practitioner qualification can upgrade to Certified DPO via the upgrade course.
Gain the knowledge and skills to enable you to fulfil the DPO (data protection officer) role under the GDPR (General Data Protection Regulation) with this four-day certificated training course.
Gain the knowledge and skills to enable you to fulfil the DPO (data protection officer) role under the GPDR (General Data Protection Regulation) with this certificated training course.
Outsource your DPO function to our legal firm GRCI Law to ensure you receive the best advice and guidance as and when you need it.
As GDPR and DPA 18 specialists, we can tailor a package of products and services to meet the needs of your organisation.
This could include
- Training for the DPO and the data protection lead
- E-learning training for staff
- Relevant books and document templates
- GDPR implementation and compliance software
- GRCI Law consultancy services
Read more here
Supporting colleagues to understand their responsibilities
Individuals across the public sector are easy targets for cyber criminals and are the cause of most data breaches, the majority which are caused by simple mistakes or a lack of understanding. Our e-learning courses focus on these common mistakes and key vulnerabilities to help protect your systems.
This ten-minute, interactive human patch e-learning course aims to educate employees on the risks and consequences of misusing the Cc and Bcc fields when emailing, and teaches users how to communicate securely and legally with large numbers of people. By educating your staff, you can reduce the risk of your organisation suffering an avoidable data breach.
This course aims to provide users with a complete foundation on the principles, roles, responsibilities and processes under the Regulation. Staff can retake the test until they pass to ensure they understand the Regulation and their organisation’s compliance obligations.
The Information Security and Cyber Security Staff Awareness E-Learning Course teaches staff the basics of data security, information security risks, cyber security risks and dealing with threats.