The oversight body
Information Technology Policy Committee (ITPC)
Established by Council, the oversight body to ensure the well-coordinated governance, including information security and data management for the purpose of this Policy.
The 3rd level of defence
Internal Audit Office
The 2nd level of defence
University Data Protection Officer
Data and Security Team of IT Services
Task Force on Management of Research Data and Records
The 1st level of defence
The head of an administration office / faculty / department / school / centre or the Principal / Chief Investigator of a research programme or project (“unit”) who is the decision maker with respect to data collected and/or used in conducting the unit’s business. He or she has decision-making authority over any data collected and/or usedby the unit.
Any appropriate individual assigned by a Data Owner to facilitate the interpretation and implementation of data and information security policies, standards and guidelines.
Organisational functions (e.g., Human Resources Section) or individuals (e.g., staff,student, contractors, third party users) that are entrusted to operate on university data/information on a need basis as part of their assigned functions or employment orcontractual duties.
Individuals (e.g., staff, students, contractors, relevant third party users) or organisation functions (e.g., academic departments accessing student-related data on University Student Information System) that are entrusted to access and use university data on a need basis as part of their assigned employment or contractual duties or functions.