As University members, we are all responsible for making sure University information is kept securely and used appropriately.
The University's Information Security policy (ISP-01) and its supporting policies provide a framework to help make sure that the data held and processed by the University is managed with the appropriate standards to keep it safe.
The policies comply with legal requirements including the Data Protection Act and the General Data Protection Regulation (GDPR).
The aims of the Information Security policies are:
We all have a requirement to work within the guidelines of the Information Security policies.
All University members should be familiar with the University's Information Security policy (ISP-01) and the key principles of the Information Security policies.
We should all:
| September 2024 | October 2024 | December 2024 | May 2025 |
|---|---|---|---|
| Outsourcing and Third Party Compliance ISP-04 | Information Security Policy (Overarching) ISP-01 | Compliance ISP-03 | Acceptable Use ISP-09 |
| Information Handling ISP-07 | Human Resources ISP-05 | System Management ISP-11 | |
| Network Management ISP-12 | User Management ISP-08 | Mobile and Remote Working ISP-14 | |
| Software Management ISP-13 | Encryption ISP-16 | PCI-DSS ISP-19 | |
| Investigation of Computer Use ISP-18 |
