Document search

Travelling with technology

Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/travelling-with-technology.pdf

Guidance for securing technology whilst travelling…

File location:: Information governance and management > Information security
Published date:: 22 February 2024
Document type:: Guidance
Scope (applies to):: All staff

Cyber risk levels

Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/cyber-risk-levels.pdf

Define the cyber risk levels that are used to describe vulnerabilities.…

File location:: Information governance and management > Information security
Published date:: 22 February 2024
Document type:: Guidance
Scope (applies to):: All staff

Vulnerability testing process

Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/vulnerability-testing.pdf

Guidance on when and how systems should be tested for security vulnerabilties…

File location:: Information governance and management > Information security
Published date:: 22 February 2024
Document type:: Guidance
Scope (applies to):: All staff

University cyber incident and data breach management procedure

Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/university-cyber-incident-and-data-breach-management-procedure.pdf

Protocol for managing suspected cyber/personal data breach…

File location:: Information governance and management > Information security
Published date:: 7 February 2024
Document type:: Procedure
Scope (applies to):: All staff

Best practice for device connectivity

Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/best-practice-device-connectivity.pdf

Document outlining the best practice for securing devices connecting to the University network…

File location:: Information governance and management > Information security
Published date:: 27 November 2023
Document type:: Guidance
Scope (applies to):: All staff

Electronic data destruction and media disposal policy

Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/data-destruction-policy.pdf

This policy covers the destruction of electronic media that stores or has stored, University-owned data as defined within the Information Classification Policy…

File location:: Information governance and management > Information security
Published date:: 27 November 2023
Document type:: Policy
Scope (applies to):: All staff

University privacy notice: St Andrews online courses

https://www.st-andrews.ac.uk/policy/information-governance-and-management-data-protection-privacy-information/digital-short-courses.pdf

To inform people how the University collects and uses their personal data when providing digital short courser education.…

File location:: Information governance and management > Data protection > Privacy Information
Published date:: 12 September 2023
Document type:: Policy
Scope (applies to):: Public

Maintaining the security of credit & debit card data - policy

Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/maintaining-the-security-of-credit-&-debit-card-data----policy.pdf

Policy to cover PCI-DSS compliance (credit / debit cards)…

File location:: Information governance and management > Information security
Published date:: 5 May 2023
Document type:: Policy
Scope (applies to):: All staff

Supplier remote access requirements

Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/supplier-remote-access-requirements.pdf

Managing secure access to internal systems by third parties…

File location:: Information governance and management > Information security
Published date:: 3 May 2023
Document type:: Guidance
Scope (applies to):: All staff

University privacy notice: student recruitment

https://www.st-andrews.ac.uk/policy/information-governance-and-management-data-protection-privacy-information/student_recruitment_privacy_notice.pdf

To advice people how their personal data are used by the University…

File location:: Information governance and management > Data protection > Privacy Information
Published date:: 19 October 2022
Document type:: Policy
Scope (applies to):: Public

University Privacy notice: collection and use of employee personal data

https://www.st-andrews.ac.uk/policy/information-governance-and-management-data-protection-privacy-information/staff_privacy_notice.pdf

To advise people how their personal data are used by the University…

File location:: Information governance and management > Data protection > Privacy Information
Published date:: 19 October 2022
Document type:: Policy
Scope (applies to):: All staff

Data governance policy

https://www.st-andrews.ac.uk/policy/information-governance-and-management-data-governance/data-governance-policy.pdf

The purpose of this policy is to describe the University’s approach to data governance in terms of data availability, data accessibility and data quality and to outline how clear accountability for each is managed.…

File location:: Information governance and management > Data governance
Published date:: 23 June 2021
Document type:: Policy
Scope (applies to):: All staff

University privacy notice: Development

https://www.st-andrews.ac.uk/policy/information-governance-and-management-data-protection-privacy-information/university-privacy-notice-development.pdf

The purpose of this privacy notice is to inform alumni and friends how their personal information will be used by the University.…

File location:: Information governance and management > Data protection > Privacy Information
Published date:: 20 July 2020
Document type:: Policy
Scope (applies to):: Public

Access to information during periods of staff absence

https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/access-to-information-during-periods-of-absence.pdf

This Policy defines the circumstances under which access to information held in email and files can be made during periods of absence, for business continuity purposes.…

File location:: Information governance and management > Information security
Published date:: 4 February 2020
Document type:: Policy
Scope (applies to):: All staff

Music Centre privacy notice

https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/music-centre-privacy-notice.pdf

File location:: Information governance and management > Information-security
Published date:: 3 July 2019
Document type:: Policy
Scope (applies to):: Public

Records Management Policy

https://www.st-andrews.ac.uk/policy/information-governance-and-management-records-management/records-management-policy.pdf

To provide direction on how University records are to be managed to preserve their value.…

File location:: Information governance and management > Records management
Published date:: 1 July 2019
Document type:: Policy
Scope (applies to):: All staff

Requests for personal data by the Police or a similar third party for the purposes of the prevention or detection of crime, apprehension or prosecution of offenders, or for taxation

https://www.st-andrews.ac.uk/policy/information-governance-and-management-data-protection-sharing-personal-data-with-third-parties/release-of-personal-data-for-crime-prevention.pdf

File location:: Information governance and management > Data protection > Sharing-personal-data-with-third-parties
Published date:: 1 July 2019
Document type:: Policy
Scope (applies to):: All staff