Information Security Policy
Main Information Security Policy
- User guideÌýto °×С½ãÂÛ̳'s Information Security Policy
- Supporting Policies
Ìý
The following are for °×С½ãÂÛ̳ access only:
- Codes of Practice
- Appointment and Role of Custodians of Information Systems
- Appointment and Role of Departmental Network Administrators
- Information for Heads of Departments and Custodians (including recommendations for system management procedures)
- Code of Practice for System Custodians and Network Administrators at °×С½ãÂÛ̳
- Data Protection
The Legal Services pages provide information and guidance to all °×С½ãÂÛ̳ staff and students, on how personal data is processed under the General Data Protection Regulation (GDPR). This includes use of your individual rights under data protection legislation (e.g. the right of access to your personal data), and registration of research proposals that involve personal data.
- Guidelines and Forms
- (.doc)
- Security considerations in outsourced IT management arrangements
- Computer Security Incident Reporting Procedures
- Operational Criteria for Wireless Access Installations ()
- Use of Email
- E-learning Communication Tools
- Handling Computer Accounts and Electronic Data of Leavers
- Security Considerations in Tendering Processes
- Classification of information held by °×С½ãÂÛ̳ personnel, for security management purposes - removed and replaced by
- Guidelines on the Use of Software and General Computing Resources Provided by Third Parties
- Guidelines for Using Web 2.0 Services for Teaching and Learning
- Information Security Architectural Principles
- Classification Tool:Ìý
- Guidance on Travelling Abroad for Research and Meetings
- Guidance on the Storage of Sensitive Data on Portable Devices and Media
- Guidance on Encryption of Email and Email Attachments
- Guidance on the Security of Cloud Services
- Guidance on Erasing Data Securely from Storage Media
- Monitoring Forms
Please ensure completed monitoring forms are encrypted before being sent via email, see our page onÌýencryption.Ìý Passwords should be shared via an alternate method e.g. telephone.Ìý
- - Request for Monitoring and Access to Stored Documents and Email relating to Investigations (.doc)
- - Request for Access to Stored Documents and Email - long-term absence or staff have left (.doc)
- - Request for Authorisation of Routine Monitoring for operational purposes (.doc)
- - Request Access to Stored Documents and Email by the suspended °×С½ãÂÛ̳ user in relation to Disciplinary Proceedings (.doc)
Please see the checklist/guidance documents below for details of the MO4 process
- ISD Only Policies
Ìý