The University operates in a highly competitive global market for students, staff and research funding in which information is a valuable asset. At the same time the University must comply with the law and protect its interests – avoiding or mitigating the risk of damage or prejudice resulting from unauthorised or accidental disclosure, modification or destruction of information.
Information Security, including cyber or IT security, is concerned with keeping the impact and occurrence of information security incidents within the University’s risk appetite levels by applying the principles of:
- Confidentiality– preventing unwanted access to information;
- Integrity– preventing, or repairing unwated changes;
- Availability– delivering information when and where it is needed;
- Dependability– delivering information when and where it is needed;
- Accountability– recording decisions and actions;
- Life Cycle– manage information through its complete life cycle.
IT Services is responsible for defining, operating and monitoring a risk-based system for information security management including policies, standards, procedures, controls and records.
For further information on IT security, please contact:
David DeightonChief Information Security OfficerIT Services
Phone: 0121 414 4748
Chris BaylissIT Security ManagerIT Services
Phone: 0121 414 3991