Information Governance Sub-Committee

Terms of Reference

  1. Advising and reporting to the Infrastructure Committee (IC)

    1. To provide assurance to IC on the arrangements the University has in place to manage risk related to managing information governance, data privacy, information security risks and copyright; as well as mitigating actions designed to improve cultural, and technical assurance, around the use of personal and confidential information and data across the University.
    2. To consider information security breach trend analysis, in order to make recommendations regarding high-risk data security risks or issues to the Infrastructure Committee for possible further action.

  2. University Information Governance Framework

    1. To review, maintain, and support compliance with relevant regulatory requirements through the delivery of appropriate management structures as defined in the Information Governance framework.
    2. To define and support the implementation of clear roles and responsibilities relating to the management of the University’s core information and data assets (data domains).

  3. University Information Governance Polices

    1. To develop, review, maintain, and monitor policies to govern the management, use, and storage of information and data; ensuring they are relevant and assist the University in complying with its legal obligations and support relevant good practice.
    2. To oversee the implementation of the above policies across all sections of the University including steering the development, and monitoring the effectiveness of training and related initiatives.

  4. Communications, Learning and Development

    1. To oversee the development, delivery and implementation of communication, training and development opportunities to improve the knowledge and capabilities of University members and associates in managing and using personal and confidential information and data, and in complying with data privacy and security legislation.
    2. To ensure that University actions are informed by examples of good practice, guidance, and process from relevant sources. Including investigation outcomes, enforcement actions issued by the ICO, and input from staff groups.

Composition and Membership

  • Chair – Academic Registrar
  • Academic School Representative – Operations Manager
  • IT Services – Deputy Director of IT Services and Head of Information Solutions
  • Senior IT Specialist – IT Security Team Manager
  • Academic Staff Member Representative – Academic staff member with expertise in information governance
  • Library Representative
  • Data Domain Representatives – Staff, Student, and Research Data Stewards
  • Data Co-ordinator Representative
  • Information Governance Manager
  • Organisational Development Representative
  • Secretary