Heads of departments, divisions, or faculty board chairs are responsible for effectively implementing the University’s information security policy, and supporting standards and procedures.
This requires a local policy framework, which covers:
- Defining and classifying information
- Compliance with the University’s baseline controls security self-assessments (BCSA)
- Managing internal and third-party information security risk
- Security awareness training for staff and incident reporting
Some examples of useful policy information and guidance can be seen below, visit our Policy and 'I want to...' sections to find out more.