FOISA Response 20200819003-Smith
What position in the Council is designated as Senior Information Risk Owner (SIRO)?
Executive Director of Corporate Services
b. The name of your Data Protection Officer (DPO)?
Information otherwise available: https://www.dundeecity.gov.uk/service-area/chief-executive/chief-executives-
(click on Data Protection Officer heading)
c. Job title of the DPO, if not just DPO?
d. If the DPO also has other duties, approximately how much of their time is spent on
Not held, other duties are Freedom of Information as well as DPO for ALEOs (Arms
Length External Organisations).
e. If the DPO has other responsibilities, has a risk assessment been carried out to ensure
that any potential conflicts of interest as identified in the GDPR and the guidance from
the European Data Protection Board are managed? If so, has this been reviewed in light
of the recent decision of the Belgium Data Protection Authority (28 April 2020): https://edpo.com/news/dpo-and-conflict-of-interest-50-000e-fine-by-the-belgian-dpa/
f. The line manager of the DPO – i.e. the post that the post holder reports to. Is it the
The Information Governance Manager’s line manager is the Legal Services Manager.
g. Who the DPO reports to in their role as DPO if that differs from the line manager? Is it
h. At what spinal point is the DPO paid?
The spinal points for the role are: 62, 64, 67, 70
i. Key relevant qualifications that the DPO and SIRO hold or relevant training completed.
Refused, as qualifications held are personal to the individual.
2. And could you provide the relevant extract of the Council’s Organisational Chart that
shows the DPO, the DPO’s line manager, the post holder that the DPO reports to, the
SIRO and Chief Executive?
Executive Director for Corporate Services
Head of Democratic & Legal Services
Legal Services Manager
Information Governance Manager