IT Security Policies

• Information Security Policy
• Technical Security Policy
  • IT Policies and Procedures associated with the technical security policy can be found in IT Regulations and Policies.

• Data Incident Reporting Form  - for personal data or confidential data, when completed please send to dataprotection@sgul.ac.uk

Personal Data:

• Personal Data Incident Reporting Procedure

• Personal Data Incident Investigation Process

• Personal Data Incident Investigation Report

For confidential data incidents where no personal data is involved:

• Confidential Data Incident Reporting Procedure

• Confidential Data Incident Investigation Process

• Confidential Data Incident Investigation Report

• Privacy by design procedure (PDF)

• Data protection impact assessment (DPIA) screening questions (Word)

• Data protection impact assessment (DPIA) form (Word)

• Research data protect impact assessment (RDPIA) - Protocol number JRESDOC0123. 

• Data handling guidance for principal investigators (PDF)

• Principal investigator (PI) leaflet (Word)

• Motivated intruder test (PDF)

• Information risk policy

• Information risk procedure (PDF)

• Information sharing procedure (Word)

• Information sharing guide (Word)

• Information asset guidance (Word)

• Personal Identifiable Data Information Asset Register (PIDIAR) Guidelines

• Compliance audit procedure (PDF)

• Clear desk and screen procedure (PDF)

• Bring Your Own Device

• Encrypted University Laptop Abroad Procedure

• Email Etiquette Guidance (Word)

• Research Information Governance Audit (RIGA) Process

• DASH Access Policy

• DASH User Guide
  • DASH Application Form

• IT conditions of use policy

• Janet acceptable use policy