2. Information Security Policy
Our aim was to provide you with an Information Security policy, approved by
Council and supported by the University:
New Information Security Policy
We focused on consolidating the pre-existing policies on Information Security into one document. That resulting policy (new Information Security Policy) defines the University's objectives for Information Security in line with its operational requirements and strategic plan. It also defines the scope of the policy and identifies roles and responsibilities for security.
In a devolved environment, such as a collegiate university, it is imperative that the policy should not go into detail about how those objectives should be met: each unit within the University will have their own methods, practices and controls in order to achieve the objectives, depending on local influences. The Information Security Toolkit provides guidance as to how those objectives might be met.
- Nov 2011: as part of the process of submitting to Council, the new Information Security Policy will be submitted to PRAC in December 2011
- July 2011: The ISBP team are now working with Council Secretariat to finalise the wording of the policy and then submit it to Council
- June 2011: Approved by PICT - Information Security Policy, June 2011
- Nov 2010: Submitted to PICT - Covering Letter and Draft Information Security Policy v 1.1 [pdf 58 KB]