Information Security Policy

Information, in all its forms, is a primary resource of the University; its effective curation and protection is critical to the effective running an reputation of the University.

The objective of the Information Security Policy (the “Policy”) and supporting information management governance is to protect the University by preventing and limiting the impact of information security problems that might damage the University´s operation, reputation or business.

The Policy recognises the concepts of academic and individual freedom, and will aim to ensure that the University: employs appropriate security measures; adopts a suitable methodology for guiding the approach to managing security; and complies with all legal and contractual requirements.

Where necessary additional information governance that goes above and beyond this Policy will be put in place and must be adhered to. This is most commonly required where the data is considered to be more sensitive and/or where there is a legal, statutory or contractual requirement.

University of Sheffield Information Security Policy