Information Governance Policies

Policy 9 - Management of Information Security Incidents and Review of Policies

Summary

The University is committed to investigating and monitoring all reported information security incidents. This Policy provides clear guidance on what to do in the event that individuals become aware of an information security incident and, following this, how these are then subsequently handled by the University. The Policy details how incidents will be monitored by the University, with a view to identifying specific areas of risk, which may then result in recommendations to amend information security policies and/or the provision of further training.

Owner

Information Governance Sub-Committee

Version/review date

Version 1.4: Approved Februry 2023. Review date February 2027

Stakeholders

This Policy is relevant to all staff, students and external partners who handle University information. It is also relevant to members of the public who may become aware of an information security incident in which the University is involved.

Policy download

Management of Information Security Incidents and Review of Policies - PDF

Approved February 2023

Related document

Related Document: Report a Missing Laptop

To be completed if you discover your University laptop has been lost or stolen.

Reporting an incident

Reporting an incident - data breach form link

Information on the Data Privacy pages showing what to do if a data breach has occured

Contact usInformation Governance

Claire Vallance

Information Governance Manager

Tel: 01509 226686

Homepage: Visit website