1. ISBP 2009 Self-Assessment

The ISBP 2009 activity demonstrated a need for further work in the area of Information Security within the collegiate University. The report produced for PICT showed that:
  • There are many areas where levels of compliance are very good, particularly the technical areas which are the direct responsibility of the ITSS.
  • The area of Information Handling is one where the levels of compliance are the lowest and further investigation is required.
  • The issues in the questionnaire cover much more than just IT and therefore, roles and responsibilities need to be clearly defined.
  • The role of the ICTF and the Information Security Advisory Group (IS-AG) is crucial to the success of this project.
Following that report, PICT agreed to fund 2 FTE for 18 months to carry on the project. Since then the activity has:
  • Reported back to the ICTF at the March ICTF meeting
  • Sent letters to the Heads of Department/College and the IT Officer/Administrator of those units that did not send back a completed questionnaire, in order to inform them of the work done and progress made under the project.
The rest of this report focuses on the activities for the coming 18 months.

Up: Contents Next: 2. Organisation of ISBP 2010

Sections in this document: