Information Security Policy

Status: Update Reviewed by Executive October 2018 
Version: 2019.2 Final
Date: February 2019
Reviewed: Annually
Classification: Public

This version includes changes recommended by PWC in their Information Security Audit (March ‘18)

Which Sections are likely to be relevant to me?

Policy Section

Undergraduate

Post Graduate/ Researcher / Academic

Technical / System Owners

Information Security Policy

Information Security Policy – Executive Summary

Section 1 – Relevant Legislation to Information Security Policy

Section 2 – Authorised Officers

 

 

 

Section 3 – Additional requirements

Section 4 - Outsourcing and Third Party Compliance

 

Section 5 - Human Resources

 

 

Section 6 – Internet Filtering, Recording and Retention.

 

 

Section 7- Information Handling

 

Section 8 - User Management

 

 

Section 9

 

 

 

Section 10 - System Planning and Development

 

 

Section 11 - System Management

 

 

Section 12 - Network Management

 

 

Section 13 - Software Management

 

 

Section 14 - Mobile and Remote Working

 

Section 15 – Cloud Storage

 

Section 16 - Encryption

 

Section 17 – Security Sensitive Research (Approval and Storage)

 

Section 18 - Investigation of Computer Use

 

Section 19 - Passwords

Section 20 - Guidelines for system and network administrators

 

 

Section 21 - Guidelines for Security and Penetration Testing