THE OSINT RISK MANAGEMENT & COMPLIANCE TRAINING
A training to prepare Risk & Compliance officers with oversight for OSINT processing within their organisation.
This is a single module training.
WHY THIS TRAINING WAS CREATED
While GDPR principles apply to OSINT processing, most training reaches practitioners who become overwhelmed when trying to navigate complex regulatory requirements.
This might create operational paralysis where some organisations avoid investigations entirely and many OSINT teams proceed without proper guidance.
The regulatory landscape around OSINT compliance contains uncertainties that practitioners cannot resolve independently.
Critical issues such as the appropriate documentation of the lawful basis and, where required, special category data handling, require interpretation and direction by qualified compliance professionals.
This training targets the decision-makers who can provide clarity: compliance officers, risk managers, and legal teams with authority to create practical OSINT processing guidelines.
These frameworks remove uncertainty for practitioners while ensuring organisational compliance and the reduction or elimination of legal risk.
TRAINING OBJECTIVES
Enable organisations to create safe and effective GDPR/UK-GDPR compliance guidelines for OSINT practitioners. Covers framework development, lawful processing procedures, and organisational safeguards that protect practitioners while maintaining investigation effectiveness.
LEARNING OUTCOMES
Upon completion, participants will have created frameworks that protect the organisation from regulatory risk, safeguard practitioners from personal liability, and ensure investigation integrity while maintaining operational effectiveness.
PRICE OF A PLACE ON THE OSINT PLANNING TRAINING
LOT-S-C PRICE: £99 + VAT per person PAY NOW!
Prices in Euros and US Dollars are provided in the payment process
In Europe the RCM is applied for VAT/TVA registered organisations
Outside Europe VAT is not charged
SECTIONS OF THE OSINT PLANNING TRAINING
Section 1: Foundation for Lawful OSINT Processing
This section establishes the fundamental framework by demonstrating how OSINT investigations fall squarely within GDPR/UK-GDPR scope. It addresses the critical misconception that publicly available data is exempt from data protection obligations, explaining why lawful processing is essential for protecting the data subject's rights, the practitioner from personal liability, and the organisation from regulatory and reputational damage.
Section 2: Establishing Lawfully Compliant Basis for OSINT Processing
This section provides the essential legal framework for OSINT processing, systematically working through Article 6 requirements to identify viable lawful bases. It eliminates non-viable options and a focus on the two practical bases for OSINT: Public Task and Legitimate Interests.
Section 3: Types of Data Subject and Special Categories
This section addresses the complex landscape of data subjects encountered in OSINT investigations and the special category data that frequently emerges. It provides practical frameworks for handling primary subjects, associates, incidental parties, and people at risk, while ensuring appropriate safeguards for sensitive personal data.
Section 4: Risk Management and Practitioner Protection
The focus of section 4 is operational safeguards that protect both practitioners and organisations during OSINT processing. It moves beyond legal compliance to address duty of care obligations and practical risk mitigation strategies.
Section 5: When Civil Investigations Become Criminal Matters
This section addresses the reality that both private sector and public authority OSINT practitioners encounter processing context switches. Civil investigations may uncover criminal behaviour requiring elevated safeguards, while criminal processing teams may handle civil matters requiring adjusted approaches. It provides frameworks for managing bidirectional transitions between processing contexts.
Section 6: Unused Material and OSINT Retention
The focus for section 6 is on managing the substantial volumes of unused material that OSINT investigations generate, addressing retention schedules, deletion obligations, and evidential integrity requirements.
Section 7: External Processors and Dual-Role Scenarios
This section explores the complexities of outsourcing OSINT to external processors and managing relationships where processors may also act as controllers for specific activities. It addresses third-party risk management and contractual frameworks for compliant OSINT outsourcing.
Section 8: Bringing It All Together
This final section synthesises the content and provides practical frameworks for implementing lawful OSINT practices within existing organisational structures. It emphasises GDPR as both a compliance requirement and an operational asset.
This training is open to all Compliance and Risk Management Officers.
SIU Managers and OSINT Team Leaders are encouraged to attend.
Start Notice: By email, each delegate is sent a reminder, 24 hours and 1 hour before the upcoming Live Online Training commences.
Each Live Online Training is delivered in the morning, within the UTC 0 time zone.
Axeten has the capacity to deliver in other time zones.
The typical duration of a LOT is 120 minutes.
Prior to the start of the Live Online Training, the Help Notes are distributed by email to each trainee.
The Help Notes follow the slides presented in the LOT and provide a lot of detail.
During the LOT, there is no need for the trainee to take notes.
The client may choose the online delivery platform.
We always deliver through our preferred platform which is Brave Talk.
Brave Talk is easy to access and it respects user privacy.
Also, there is a choice of Zoom and Microsoft Teams.
Zoom & Teams are not privacy conscious.
Even though Axeten has premium accounts, Zoom & Microsoft will collect data about people connecting with these platforms.
So why do we use them? Because they are popular, particularly with IT service providers and people rely on them.
The LOT can be accessed from your office, home or even from a mobile device.
The Live Online Training is recorded. This is a video recording.
All delegates and in particular, those that are not able to attend a Live Online Training, can request access to the recording.
There is no additional fee for the recording service.
TRAINING MATERIAL MAINTENANCE
Prior to the delivery of every training, Axeten conducts a complete review of all of the training material.
Any significant update located during any review is applied to the training material.
All review and update activity is recorded and signed off by a director.
LIFE LONG LEARNING
The best and most cost effective way for you to stay up-to-date is to subscribe to the Life Long Learning programme.
NEWSLETTERS
The monthly Axeten OSINT Newsletter provides info about new tools, techniques and resources.
Also, in each Newsletter from August 2025 onwards, there will be one item that relates to risk management and/or compliance.
Subscribe to the OSINT Newsletter.
NEW COURSE INFO
Bookmark this page and check for new course dates or subscribe to the Axeten Training Newsletter.
Currently, there is no Assessment & Certification.
Where there is a demand for assessment, it shall be provided.
When a trainee cannot attend the online training, the trainee will receive all of the training material for the missed module and a video recording of the missed Live Online Training.
Also, there is an option to join a subsequent LOT-S-C training.
No charge.
Scope: An OSINT Planning training that covers risk management and lawful compliance.
Audience: Anyone with an interest in the safe and effective processing of OSINT Investigations
Jurisdiction: No jurisdiction limitations
Format: One Live Online Training with Help Notes.
Technical Requirements: No specialist equipment is required, just a standard desktop or laptop computer with a good Internet connection and a Firefox Browser. A webcam and a microphone are optional.
Data Protection: Each organisation and all its trainees, that take the training are responsible for protecting the data that might be processed during the training. Do not leak data to corporate interests. To do this, avoid the use of the Chrome or Edge Browsers.
Copyright: Each recipient of the training is obliged to protect any digital asset provided by Axeten. There is no right to distribute the material.
Security: Each recipient of the training, and any purchasing organisation, is obliged to ensure that all computers and devices used during the course, are not compromised, so the material is not distributed unintentionally.
Accreditation: This course is not yet accredited by The CPD Group.
Sign-up: Please contact Axeten to sign-up for the training or to request more information.
A training to prepare Risk & Complaince officers for OSINT processing within their organisation
Wednesday 3 September 2025
2 Hours
10 am start. UK time
A training to prepare Risk & Complaince officers for OSINT processing within their organisation
Wednesday 8 October 2025
2 Hours
10 am start. UK time