ICT News, December 2006

Additional news items are available to staff only.

ICT Information Security Policy

The University sees information security as an essential part of enabling the proper sharing and use of information.

Therefore, after a period of development and consultation, a high-level ICT Information Security Policy has been approved by the Deputy Vice-Chancellor (Infrastructure), Professor Ann Brewer.

The purpose of the policy is to ensure that the creation, preservation, transmission and application of knowledge by the University through teaching, research, creative works and other forms of scholarship are supported by ICT systems in which information is managed in ways appropriate to its sensitivity.

The policy defines the University ICT environment as including central and devolved computer systems, databases, networks and devices. Sensitive information is defined as that containing personal, health, financial, and operational information or intellectual property; such information must be protected against unauthorised access, and only used for University business on a need-to-know basis.

The policy requires that each University ICT system have an assigned owner or custodian, who will be responsible for managing access to information in the system at a level commensurate to its sensitivity. Standards will be produced to support the policy.

The policy is in the process of being added to the Policy online website, and will be available there soon.