The Information Security Framework Programme is a Cardiff University wide programme with the Director of Strategic Planning and Governance as Sponsor.
The purpose of the programme, is to create a framework by which the University can manage significant financial and reputational risks involved in collecting, storing and using personal and other data and to assure external stakeholders that the University can be regarded as secure in relation to the way it manages its information/data. The programme will look at all aspects of information security, both technological and organisational.
The objective is to create an information security framework which establishes or facilitates:
- clear lines of responsibility for information security and risk assessment,
- a University accepted classification of information types and information owners
- coherent suites of policies, procedures and guidance
- provision of appropriate technological tools with associated support
- identification of required training programmes
Further information about the programme can be found on the Information Security Framework Community:
https://connections.cf.ac.uk/communities/community/InfoSec (membership is open to all University Staff)