New: In July 2012 an Information Security Policy was approved by Council and this will be implemented across the University. For further information about this IS Policy and resources such as the IS Toolkit to help you implement this in your unit please see the Information Security pages from the InfoSec project in the IT Services department. The University IS Policy supersedes the policy on the ISBP pages below.
- This policy was written by the University's ICTF Information Security Advisory Group in consultation with the Legal Services Office, Council Secretariat and the Information Security Best Practice Project. It is written in accordance with the UCISA information security toolkit and, consequently, in line with the ISO/IEC 27002:2005 Information technology - Security techniques - Code of practice for information security management.
- The policy has been approved by the PRAC ICT Sub-committee (PICT), the principal advisory body to PRAC and Council on all aspects of ICT. The ISBP team are now working with Council Secretariat to finalise the wording and to begin the process of submitting the policy to Council, the University's executive governing body. Our aim is to have the policy approved by Council and for it to become part of the Terms and Conditions of Employment for the University.
- The policy is supported by an Information Security Toolkit which provides suggested technical solutions and sub-policies to help departments, faculties, colleges and halls implement the principles: Online Toolkit.