UCL Information Security Policy - main policy (under
review Jan 2013)
|
|
Annex:
|
|
Definition of Terms used in the Policy Documentation
|
|
User Guide (web version) (Leaflet pdf)
|
|
SUPPORTING POLICIES
|
|
1. UCL Data Protection Policy
|
|
2. UCL Computing Regulations (Acceptable Use Policy)
|
|
3. UCL Connecting Equipment to the College Network Policy
|
|
4. UCL Electronic Mail (e-mail) Policy
|
|
5. UCL Monitoring Computer and Network Use Policy
|
6. UCL Corporate Digital Data Ownership and Access Policy (.doc - access for UCL only)
....UCL Corporate Digital Data Ownership and Access Policy (.doc - public view)
|
|
7. UCL Freedom of Information Policy
|
|
8. UCL Environmental Information Policy
|
9. UCL Authentication Principles
|
10. UCL Password Policy and Principles
|
|
|
|
CODES OF PRACTICE
|
|
1. Appointment and role
of Custodians of information systems
|
|
2. Appointment and role
of Departmental Network Administrators
|
|
3. Information for Heads of Departments
and Custodians (including recommendations for system management procedures)
|
|
4. Code of Practice for System Custodians and Network Administrators at UCL
|
|
|
|
DATA PROTECTION - these forms available here
|
|
1. Instructions
for data protection coordinatorsÂ
|
|
2. Medical research - application for inclusion on data protection registrationÂ
|
|
3. Application
for inclusion in data protection registration for filing systems and
datasets for administrative and research purposesÂ
|
|
|
|
GUIDELINES AND FORMS
|
|
1. Information Security Questionnaire (.doc)
|
|
2. Security considerations in outsourced IT management arrangements
|
|
3. Computer Security Incident Reporting Procedures
|
|
4. Operational Criteria for Wireless Access Installations (Wireless Access Point registration)
|
|
5. Use of Email
|
|
6. E-learning Communication Tools
|
|
7. Handling Computer Accounts and Electronic Data of Leavers
|
|
8. Security Considerations in Tendering Processes
|
|
9. Guidelines on Using Skype within UCL
|
10. Classification of information held by UCL personnel, for security management purposes (.doc)
(pdf
version) (under review May 2013)
|
|
11. Guidelines on the use of software and general computing resources provided by third parties
|
|
12. Guidelines for using Web 2.0 services for teaching and learning
|
|
13. Procedure for handling requests under the Freedom of Information Act 2000
|
|
14. Procedure for handling requests under the Environmental Information Regulations 2004
|
|
Form M01 - Request for Authorization of Monitoring (.doc)
|
|
Form M02 - Request for Authorization of Access to Stored Documents (.doc)
|
|
Form M03 - Request for Authorization of Routine Monitoring (.doc)
|
|
|
|
FOR INFORMATION
|
|
1. Summary of changes approved by ISC on 19 March 2012
|
|
2. Summary of changes approved by ISC on 15 February 2011
|
|
3. Summary of changes approved by ISC on 1 December 2009
|
|
4. Summary of changes approved by ISC on 27 November 2008
|
|
5. Summary of changes approved by Chair of ISC September 2007
|
|
6. Summary of changes approved by Chair of ISC on 01 June 2007
|
|
7. Summary of changes approved by ISC on 01 March 2007
|
|
8. Summary of changes approved by ISC on 30 June 2005
|
