Information Security policies
Information Security is defined as the preservation of confidentiality, integrity and availability of information.
Information Security Policy
Information Security Policy v2.2
If this document cannot be read by your assistive software, you can request an accessible version by emailing web@cardiff.ac.uk. Please include the assistive tools you use and the format you require.
This policy provides the overarching approach to the management of information security at Cardiff University and is the master policy document of the information security framework. All related policies shall be consistent with this policy.
Related policies
Cardiff University staff can find the Information Asset Equipment Disposal Policy by searching on the staff intranet.
| Name | Type | Last updated |
|---|---|---|
| Information Security Specification (Systems Level) Policy | 11/02/2021 | |
| IT Systems Password Policy | 25/01/2021 | |
| Information Security Remote and Mobile Working Policy | 25/01/2021 | |
| Information Security Training Policy | 25/01/2021 | |
| University IT Account Entitlement and Rights Assignment Policy | 25/01/2021 | |
| Records management policy | 3/12/2021 | |
| Information Security Metrics Gathering Policy | Word | 30/06/2023 |
| Information Security Classification and Handling Policy | Word | 14/11/2023 |
| Information Security Framework Testing Policy | Word | 28/06/2023 |
| Information Security Framework Review Policy | Word | 28/06/2023 |
| Information Security Incident Management Policy | Word | 25/07/2023 |
| Information Security Incident Management Policy - CY | Word | 25/07/2023 |