ISDM Implementation Scope and Phases of Deployment

Phase I: Build Foundation (March 2017 – August 2017)

Phase I of the project is to:

  • Set up Governance and Supporting Parties
  • Endorse and issue the new Policy and relevant standards/guidelines
  • Align standards/guidelines with the new Policy
  • Deliver briefing and training sessions to HKU users
  • Implement data/information classification

Phase II: Bridge Gap (September 2017 – August 2018)

Phase II of the project is to:

  • Conduct trainings to HKU users
  • Provide guidance to departments/offices/work units in HKU
  • Execute improvement plans

Phase III: Obtain Comfort (September 2018 – August 2019)

Phase III of the project is to embed ISDM practices into faculties/departments/schools/centres/offices/work units in HKU.


  1. Set up a University-wide Committee overseeing information security and data management with enforcement authority to reflect its strategic oversight of information technology, and the need for enhancement and resource authority.
  2. Deploy Information Security and Data Management Policy.
  3. Embed information security and data management into Business-As-Usual.
  • Phase 1 – “Build Foundation”
  • Phase 2 – “Bridge Gaps”
  • Phase 3 – “Obtain Comfort”
  1. Empower ITS and ensure sufficient data and security capability and capacity in order to increase involvement in a number of areas, e.g.,
  • University data/ information architecture and security architecture
  • Data & data management standards and security & security management standards/tools
  • Risk/compliance assessments and monitoring at appropriate/ required points