Our vision is to be an outstanding and inclusive University community, committed to excellence in research and education, embracing the opportunities of today’s world and addressing its challenges. To support our vision, we need to ensure operational resilience and integrity of systems and services for the benefit of all students, staff and university stakeholders
In order to maintain service and continuity of operation, we have implemented an Information Security Management System (ISMS) in line with the International Standard for Information Security, ISO/IEC 27001.
The operation of this ISMS has many benefits including:
- Protecting Student and Research Data
- Protecting funding to ensure development of the University
- Ensuring the continuity of services to Students and Staff
- Maintaining and enhancing of University reputation
- Complying with legal and regulatory requirements
An Information Security Policy is available in electronic form and will be communicated to all members of the University.
Commitment to the delivery of information security extends to our University Executive and will be demonstrated through Information Security Policy and the provision of appropriate resources to establish and develop the ISMS.
Senior management will mandate a systematic review of programme performance on a regular basis to ensure that information security objectives are met and relevant issues identified through the audit programme and management processes.
We will adopt a risk management approach and processes in line with the requirements and recommendations of ISO/IEC 27001. Risk management will take place at several levels within the ISMS, including:
- Assessment of risk to underpin our information security objectives
- Regular information security risk assessments within specific operational areas
- Assessment of risk as part of the business change management process
- At a project level as part of managing significant change
We would encourage all members of our University – faculty, staff and students to ensure that they play their part in delivering our information security objectives.
Chris Youles
Chief Information & Digital Officer