As a Corporation Sole, all formal powers and duties of the ICO rest with the Commissioner. In line with the scale and complexity of the ICO's role and remit the Commissioner has formally delegated responsibility for the strategic leadership of the ICO to the Management Board, of which the Commissioner is the Chair. This approach of collective decision making principles is replicated throughout the ICO’s governance structure.

The Commissioner has also formally delegated responsibility for some of her regulatory, financial and procurement functions to her staff. The Scheme of Delegations is available.

The relationship between the formal decision making bodies at the ICO is detailed in the diagram below and in the committee Terms of Reference.  The work of all of these committees is supported by the Risk and Governance Department, which is responsible for the ICO’s corporate governance policies and procedures and for ensuring that the policies and procedures are followed. 

ico decision making structure

Purpose of the committees

Management Board

The Management Board meets quarterly and advises the Commissioner on matters which affect the strategic direction of the organisation, significant corporate risks and performance and delivery across the ICO’s responsibilities. It reviews progress against corporate strategies and plans, and advises on significant issues being managed by the Executive Team. The Board’s specific responsibilities are set out in the ICO’s Management Agreement with its sponsoring department (DCMS).

Audit Committee

The Audit Committee meets quarterly and advises the ICO’s Accounting Officer (the Commissioner) and supports the Management Board in respect of the effectiveness of the ICO’s risk management system and procedures and its internal controls. It does this by reviewing the comprehensiveness and reliability of assurances on governance, risk management, the control environment and the integrity of financial statements and the annual report. It has particular engagement with the work of internal audit, risk management, the external auditor, financial management and reporting issues. 

Executive Team

The Executive Team advises the Commissioner on the overall direction for the organisation. The Executive Team currently meets formally twice per month and informally twice per week, enabling the Executive Team members to collaborate effectively.

The Executive Team considers and makes decisions on the issues of greatest strategic importance to the ICO. It is concerned with setting the strategic direction of the organisation.

Senior Leadership Team

The Senior Leadership Team meets once per month. It is responsible for overseeing the delivery of the strategic direction set by the Executive Team. It does this through having responsibility for managing the delivery of priorities and goals across the ICO.

The Remuneration Advisory Panel

The Remuneration Advisory Panel meets up to three times per year and provides challenge, advice and scrutiny to the Commissioner on matters of Executive Team pay, development and succession planning. The Commissioner retains decision making responsibility for all matters relating to ICO pay and remuneration. 

Regulatory Panel

The Regulatory Panel meets when necessary to advise the Commissioner regarding proposed high-level regulatory action (fines in excess of £1m) as a result of breaches of legislation by data controllers. The panel meets after a notice of intent has been issued and representations have been received from the organisations involved and makes recommendations to the Commissioner about the level of fine to be issued.

Corporate Strategy & Planning Service Delivery Group (SDG)

The Corporate Strategy & Planning SDG supports the work of the Senior Leadership Team by considering and making decisions on areas of responsibility falling under the management of the Deputy Chief Executive Officer (Executive Director – Corporate Strategy & Planning Service).

The Corporate Strategy & Planning SDG also reviews and manages the Service’s risks and Directorate business plans, as well as reviewing performance information.

Regulatory Strategy SDG

The Regulatory Strategy SDG supports the work of the Senior Leadership Team by considering and making decisions on areas of responsibility falling under the management of the Deputy Commissioner (Executive Director – Regulatory Strategy Service).

The Regulatory Strategy SDG also reviews and manages the Regulatory Strategy Service’s risks and departmental business plans, as well as reviewing performance information.

Regulatory Supervision SDG

The Regulatory Supervision SDG supports the work of the Senior Leadership Team by considering an making decisions on areas of responsibility falling under the management of the Deputy Commissioner (Executive Director – Regulatory Supervision Service).

The Regulatory Supervision SDG will monitor operational performance and debate issues on an exception basis. The primary role of the Group is to debate and make decisions on Regulatory Supervision strategy and resource allocation.

Equality, Diversity & Inclusion Forum

The Equality, Diversity & Inclusion Forum contributes to the delivery of the ICO’s equality objectives and support the work of the various equality, diversity and inclusion networks. The Forum will also ensure that the ICO fulfils its statutory obligations in respect of equality and diversity, including the Public Sector and Specific duties.