New - for consultation:

Please send feedback to isg(at)ucl.ac.uk

UCL INFORMATION SECURITY POLICY

Annex:

Supporting policies

Codes of practice

Data protection

  1. Instructions for data protection coordinators 
  2. Medical research - application for inclusion on data protection registration 
  3. Application for inclusion in data protection registration for filing systems and datasets for administrative and research purposes

Guidelines and forms

  1. Information Security Questionnaire (.doc)
  2. Security considerations in outsourced IT management arrangements
  3. Computer Security Incident Reporting Procedures
  4. Operational Criteria for Wireless Access Installations (Wireless Access Point registration)
  5. Use of Email
  6. E-learning Communication Tools
  7. Handling Computer Accounts and Electronic Data of Leavers
  8. Security Considerations in Tendering Processes
  9. Guidelines on Using Skype within UCL
  10. Classification of information held by UCL personnel, for security management purposes (.doc)
  11. (pdf version of the above) (under review May 2013)
  12. Guidelines on the use of software and general computing resources provided by third parties
  13. Guidelines for using Web 2.0 services for teaching and learning
  14. Procedure for handling requests under the Freedom of Information Act 2000
  15. Procedure for handling requests under the Environmental Information Regulations 2004

For information

The above polices have been endorsed by the Information Services Governance Committee (ISGC). The Security Working Group makes recommendations on information security and reports to the Infrastructure & Common Shared IT Services Group (IISG), which then reports to the Information Services Governance Committee.

Page last modified on 02 apr 14 10:33