Document search
Fully-matching results
-
Access to information during periods of staff absence
https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/access-to-information-during-periods-of-absence.pdfThis Policy defines the circumstances under which access to information held in email and files can be made during periods of absence, for business continuity purposes.…
-
University information classification policy
https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/university-information-classification-policy.pdfDefine how people should respond to protective markings when accessing, handling, storing, transmitting and disposing of information or data that is protectively marked…
-
University information classification policy: implementation guide
https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/information-classification-policy-implementation-guide.pdfGuidance on how to implement and work with the University information classification policy…
-
Supplier remote access requirements
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/supplier-remote-access-requirements.pdfManaging secure access to internal systems by third parties…
-
Maintaining the security of credit & debit card data - policy
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/maintaining-the-security-of-credit-&-debit-card-data----policy.pdfPolicy to cover PCI-DSS compliance (credit / debit cards)…
-
Best practice for device connectivity
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/best-practice-device-connectivity.pdfDocument outlining the best practice for securing devices connecting to the University network…
-
Electronic data destruction and media disposal policy
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/data-destruction-policy.pdfThis policy covers the destruction of electronic media that stores or has stored, University-owned data as defined within the Information Classification Policy…
-
University cyber incident and data breach management procedure
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/university-cyber-incident-and-data-breach-management-procedure.pdfProtocol for managing suspected cyber/personal data breach…
-
Use of generative AI - LLM
https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/use-of-generative-ai---llm.pdfTo communicate the risks as presently understood to maintaining the confidentiality, integrity and availability of University information and personal data in the use of publicly available GenAI tools…
-
Travelling with technology
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/travelling-with-technology.pdfGuidance for securing technology whilst travelling…
-
Cyber risk levels
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/cyber-risk-levels.pdfDefine the cyber risk levels that are used to describe vulnerabilities.…
-
Vulnerability testing process
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/vulnerability-testing.pdfGuidance on when and how systems should be tested for security vulnerabilties…