Information Security Policy

Information is a vitally important University asset and we all have a responsibility to make sure that this information is kept safe and used appropriately. Without due care, personal, research or business  information can be misplaced or leaked, which is a big enough problem in itself without the added difficulty of having to protect it against increasingly proactive and sophisticated attempts at theft.

Therefore, the University has adopted an Information Security Policy that complies with stringent legal requirements and provides the necessary assurance that data held and processed by the University is treated with the highest appropriate standards to keep it safe. The aims are: to raise your awareness to avoid inadvertently causing others inconvenience through disclosure of data; to avoid breaking the law; to avoid causing the University financial and reputational damage.

The majority of organisations know the dangers of information security breaches and some have suffered intellectual theft, serious reputational damage and in some cases fines for negligent management of data. We all have a requirement to work within the guidelines of the policy and by doing this you can help ensure the safety of your own data and that of others.

In simple terms, the most common causes of data loss or leakage can be avoided by:

What do I need to know?

We don’t otherwise expect you to read the policy in its entirety but we do expect all University members to be familiar with the key principles of the policy and associated sub-policies. Further information on these key principles is available in the form of a table of information security do's and don'ts.