Table of Contents
The 3-Level Defence
- Set up a University-wide Committee overseeing information security and data management with enforcement authority to reflect its strategic oversight of information technology, and the need for enhancement and resource authority.
- Deploy Information Security and Data Management Policy.
- Embed information security and data management into Business-As-Usual.
- Phase 1 – “Build Foundation”
- Phase 2 – “Bridge Gaps”
- Phase 3 – “Obtain Comfort”
- Empower ITS and ensure sufficient data and security capability and capacity in order to increase involvement in a number of areas, e.g.,
- University data/ information architecture and security architecture
- Data & data management standards and security & security management standards/tools
- Risk/compliance assessments and monitoring at appropriate/ required points