OSINT Planning for Risk Management & Compliance

THE OSINT RISK MANAGEMENT & COMPLIANCE TRAINING

A training to prepare Risk & Compliance officers with oversight for OSINT processing within their organisation.
This is a single module training.

WHY THIS TRAINING WAS CREATED

While GDPR principles apply to OSINT processing, most training reaches practitioners who become overwhelmed when trying to navigate complex regulatory requirements.
This might create operational paralysis where some organisations avoid investigations entirely and many OSINT teams proceed without proper guidance.

The regulatory landscape around OSINT compliance contains uncertainties that practitioners cannot resolve independently.
Critical issues such as the appropriate documentation of the lawful basis and, where required, special category data handling, require interpretation and direction by qualified compliance professionals.

This training targets the decision-makers who can provide clarity: compliance officers, risk managers, and legal teams with authority to create practical OSINT processing guidelines.
These frameworks remove uncertainty for practitioners while ensuring organisational compliance and the reduction or elimination of legal risk.

Course Code Class: LOT-S-C

CPD Credits: NYA

TRAINING OBJECTIVES

Enable organisations to create safe and effective GDPR/UK-GDPR compliance guidelines for OSINT practitioners. Covers framework development, lawful processing procedures, and organisational safeguards that protect practitioners while maintaining investigation effectiveness.

LEARNING OUTCOMES

Upon completion, participants will have created frameworks that protect the organisation from regulatory risk, safeguard practitioners from personal liability, and ensure investigation integrity while maintaining operational effectiveness.

PRICE OF A PLACE ON THE OSINT PLANNING TRAINING

LOT-S-C PRICE: £99 + VAT per person PAY NOW!

Prices in Euros and US Dollars are provided in the payment process
In Europe the RCM is applied for VAT/TVA registered organisations
Outside Europe VAT is not charged

SECTIONS OF THE OSINT PLANNING TRAINING

Section 1: Foundation for Lawful OSINT Processing

This section establishes the fundamental framework by demonstrating how OSINT investigations fall squarely within GDPR/UK-GDPR scope. It addresses the critical misconception that publicly available data is exempt from data protection obligations, explaining why lawful processing is essential for protecting the data subject's rights, the practitioner from personal liability, and the organisation from regulatory and reputational damage.

Section 2: Establishing Lawfully Compliant Basis for OSINT Processing

This section provides the essential legal framework for OSINT processing, systematically working through Article 6 requirements to identify viable lawful bases. It eliminates non-viable options and a focus on the two practical bases for OSINT: Public Task and Legitimate Interests.

Section 3: Types of Data Subject and Special Categories

This section addresses the complex landscape of data subjects encountered in OSINT investigations and the special category data that frequently emerges. It provides practical frameworks for handling primary subjects, associates, incidental parties, and people at risk, while ensuring appropriate safeguards for sensitive personal data.

Section 4: Risk Management and Practitioner Protection

The focus of section 4 is operational safeguards that protect both practitioners and organisations during OSINT processing. It moves beyond legal compliance to address duty of care obligations and practical risk mitigation strategies.

Section 5: When Civil Investigations Become Criminal Matters

This section addresses the reality that both private sector and public authority OSINT practitioners encounter processing context switches. Civil investigations may uncover criminal behaviour requiring elevated safeguards, while criminal processing teams may handle civil matters requiring adjusted approaches. It provides frameworks for managing bidirectional transitions between processing contexts.

Section 6: Unused Material and OSINT Retention

The focus for section 6 is on managing the substantial volumes of unused material that OSINT investigations generate, addressing retention schedules, deletion obligations, and evidential integrity requirements.

Section 7: External Processors and Dual-Role Scenarios

This section explores the complexities of outsourcing OSINT to external processors and managing relationships where processors may also act as controllers for specific activities. It addresses third-party risk management and contractual frameworks for compliant OSINT outsourcing.

Section 8: Bringing It All Together

This final section synthesises the content and provides practical frameworks for implementing lawful OSINT practices within existing organisational structures. It emphasises GDPR as both a compliance requirement and an operational asset.

This training is open to all Compliance and Risk Management Officers.

SIU Managers and OSINT Team Leaders are encouraged to attend.

Start Notice: By email, each delegate is sent a reminder, 24 hours and 1 hour before the upcoming Live Online Training commences.

Each Live Online Training is delivered in the morning, within the UTC 0 time zone.

Axeten has the capacity to deliver in other time zones.

The typical duration of a LOT is 120 minutes.

Prior to the start of the Live Online Training, the Help Notes are distributed by email to each trainee.
The Help Notes follow the slides presented in the LOT and provide a lot of detail.
During the LOT, there is no need for the trainee to take notes.

The client may choose the online delivery platform. 
We always deliver through our preferred platform which is Brave Talk.
Brave Talk is easy to access and it respects user privacy.

Also, there is a choice of Zoom and Microsoft Teams.
Zoom & Teams are not privacy conscious.
Even though Axeten has premium accounts, Zoom & Microsoft will collect data about people connecting with these platforms.

So why do we use them? Because they are popular, particularly with IT service providers and people rely on them.

The LOT can be accessed from your office, home or even from a mobile device.
 

The Live Online Training is recorded. This is a video recording.
All delegates and in particular, those that are not able to attend a Live Online Training, can request access to the recording.
There is no additional fee for the recording service.

TRAINING MATERIAL MAINTENANCE

Prior to the delivery of every training, Axeten conducts a complete review of all of the training material.
Any significant update located during any review is applied to the training material.
All review and update activity is recorded and signed off by a director.

 

LIFE LONG LEARNING

The best and most cost effective way for you to stay up-to-date is to subscribe to the Life Long Learning programme.

 

NEWSLETTERS

The monthly Axeten OSINT Newsletter provides info about new tools, techniques and resources.
Also, in each Newsletter from August 2025 onwards, there will be one item that relates to risk management and/or compliance.
Subscribe to the OSINT Newsletter.

 

NEW COURSE INFO

Bookmark this page and check for new course dates or subscribe to the Axeten Training Newsletter.

 

 

Currently, there is no Assessment & Certification.

Where there is a demand for assessment, it shall be provided.

When a trainee cannot attend the online training, the trainee will receive all of the training material for the missed module and a video recording of the missed Live Online Training.

Also, there is an option to join a subsequent LOT-S-C training.
No charge.

Scope: An OSINT Planning training that covers risk management and lawful compliance.

Audience: Anyone with an interest in the safe and effective processing of OSINT Investigations

Jurisdiction: No jurisdiction limitations

Format: One Live Online Training with Help Notes.

Technical Requirements: No specialist equipment is required, just a standard desktop or laptop computer with a good Internet connection and a Firefox Browser. A webcam and a microphone are optional.

Data Protection: Each organisation and all its trainees, that take the training are responsible for protecting the data that might be processed during the training. Do not leak data to corporate interests. To do this, avoid the use of the Chrome or Edge Browsers.

Copyright: Each recipient of the training is obliged to protect any digital asset provided by Axeten. There is no right to distribute the material.

Security: Each recipient of the training, and any purchasing organisation, is obliged to ensure that all computers and devices used during the course, are not compromised, so the material is not distributed unintentionally.

Accreditation: This course is not yet accredited by The CPD Group.

Sign-up: Please contact Axeten to sign-up for the training or to request more information.

OSINT Planning for Risk Management & Compliance
Course Code: LOT-S-C-25-09

A training to prepare Risk & Complaince officers for OSINT processing within their organisation

CPD Credits: 2 Hours
Starts on:
Wednesday 3 September 2025
Duration:

2 Hours
10 am start. UK time

Price: £99 + VAT
OSINT Planning for Risk Management & Compliance
Course Code: LOT-S-C-25-11

A training to prepare Risk & Complaince officers for OSINT processing within their organisation

Starts on:
Wednesday 5 November 2025
Duration:

2 Hours
10 am start. UK time