Information Security


Information Security Policy

We create and maintain documentation to support appropriate information security in all UCL operations. This includes reviewing existing documentation, developing new policies and retiring old ones.


Main Information Security Policy

Supporting Policies


The following are for UCL access only:
Codes of Practice
Data Protection

The Legal Services pages provide information and guidance to all UCL staff and students, on how personal data is processed under the General Data Protection Regulation (GDPR). This includes use of your individual rights under data protection legislation (e.g. the right of access to your personal data), and registration of research proposals that involve personal data.

Guidelines and Forms
Monitoring Forms

Please ensure completed monitoring forms are encrypted before being sent via email, see our page on encryption.  Passwords should be shared via an alternate method e.g. telephone. 

  • Form MO1 - Request for Monitoring and Access to Stored Documents and Email relating to Investigations (.doc)
  • Form MO2 - Request for Access to Stored Documents and Email - long-term absence or staff have left (.doc)
  • Form MO3 - Request for Authorisation of Routine Monitoring for operational purposes (.doc)
  • Form MO4 - Request Access to Stored Documents and Email by the suspended UCL user in relation to Disciplinary Proceedings (.doc)

Please see the checklist/guidance documents below for details of the MO4 process

ISD Only Policies