IT security, governance and the board

A one-day workshop

Although most organisations now have a clear focus on the need for effective IT security, the external landscape is continually evolving and board members are at risk of complacency without a regular update on the range of IT governance risks to which they may be exposed.

Learning objectives

  • Ensure that you have properly addressed the full range of risks around IT security.
  • Highlight – and rectify – any gaps in your IT governance.

Who should attend?

This overview workshop has been designed specifically for board members.


  • Usually delivered as a one-day session
  • Can also be delivered as a high-impact, bite-sized boardroom briefing session or as a series of more detailed half-day sessions on different aspects of the topic
  • Highly interactive, with plenty of discussion around different scenarios and issues of specific concern to you and your organisation

Special features

This workshop can be tailored to meet your specific requirements. You can follow the agenda set out below or you can talk it through with the trainer and set a new one. The choice is yours.

Meet the trainer

Stephen is an expert trainer and consultant with over 20 years’ experience providing services to the private and public sector in fraud (cyber) risk management, data security / protection and internet investigations, and open source intelligence.


This is an indicative agenda – a starting point for a conversation with you. Stephen would be happy to tailor it to your precise requirements.

1 Risk refresh

  • Learning from other organisations’ mistakes

2 Cyber crime risks

  • External risks (phishing scams, ransomware, hacking, data theft, DDOS)

3 IT accident risks

  • Internal risks (back-up failure, accidental loss or release of data, employee negligence and worse)

4 Wireless, remote working and cloud technology

  • Are we safe?

5 Social media

  • Internal and external reputational risks

6 IT legislation

  • Understanding directors’ IT governance responsibilities (including GDPR, DPA)

7 Creating a secure culture

  • IT governance, best practice and controls (including ISO27001, Cyber Essentials overview and the ten steps)

For a no-obligation discussion about running this programme for your organisation on an in-house basis, just give us a call on 01582 463465.