Skip to navigation | Skip to main content | Skip to footer
Menu
Search the Staffnet siteSearch StaffNet

Training and support

OneTrust

OneTrust is a new online system that forms a significant part of our GDPR programme of improvements; making it quicker, simpler and easier for employees to comply with GDPR and manage information risk. The Information Governance Office has run a series of briefing sessions for staff to explain what it is and when it should be used. If you missed a session and would like more information please contact us.   

 

Information Governance Guardian network

Working with and supported by the Information Governance Office (IGO) team, the Information Governance Guardian (IGG) will ensure information governance disciplines are embedded within working practice across their respective School, Institute, Faculty, Library and Cultural Institute or Professional Services Directorate, and that the respective management are aware of their risk status. They will support and guide the leadership and staff within their area of guardianship, with the management of information security, data protection and records management and will report on progress / concerns on a regular basis through agreed communication lines. Heads of School, Directors and equivalent are responsible for ensuring compliance with University policies and procedures and the role of the IGG will help to provide assurance in relation to information governance. The role is appropriate for senior personnel who are influential and knowledgeable of local operational processes.

IGGs' responsibilities include:

  • Ensure all staff and management are aware of the latest policies and standard operating procedures by cascading messages sent through the network, as well as appropriate articles published in newsletters, when prompted by the IGO.
  • Ensure awareness campaigns are fully executed and all staff receive the required training.This involves cascading guidance, providing information, advertising forums/events/workshops and monitoring training completion rates, through the network of Information Governance Coordinators (IGCs) where appropriate.
  • Monitor the annual review of the processing activities and assets that have been declared in your area of guardianship. This will entail from time to time chasing the business processing owners.
  • With the support of the IGO, ensure all staff under the area of guardianship are aware of the information governance tools available and assist in answering initial queries arising out of new processes / projects / initiatives / third parties requiring risk assessment (including Data Protection Impact Assessments). This will be required as and when the IGG is made aware of such projects.
  • When informed of information security incidents, data protection incidents, exceptions and risks, ensure they are captured, recorded and communicated in a timely manner and according to the relevant systems and assist in implementing any resulting recommendations.
  • Ensure good secure house-keeping practice is performed and maintained throughout the area of guardianship. Ensure the information governance maturity indicators are implemented, evidenced and reported quarterly , and undertake any resulting recommendations.
  • Where required, ensure that Information Governance Coordinators are nominated and trained for each functional area.
  • Provide management reports, on the information governance status and maturity indicators, to the local leadership team.
  • Pursue the adoption of information security, data protection and records management best practice.
  • If the IGG will no longer be able to fulfil this role (eg if they are planning to leave the University), they must inform their line manager and ask them to find a replacement. The IGGN chair should also be made aware so that they can ensure that a suitable replacement is nominated in a timely manner.

Who is my Information Governance Guardian?

This document requires CAS authentication.