Document search
Fully-matching results
-
Supplier remote access requirements
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/supplier-remote-access-requirements.pdfManaging secure access to internal systems by third parties…
-
Maintaining the security of credit & debit card data - policy
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/maintaining-the-security-of-credit-&-debit-card-data---policy.pdfPolicy to cover PCI-DSS compliance (credit / debit cards)…
-
Travelling with technology
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/travelling-with-technology.pdfGuidance for securing technology whilst travelling…
-
Cyber risk levels
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/cyber-risk-levels.pdfDefine the cyber risk levels that are used to describe vulnerabilities.…
-
Vulnerability testing process
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/vulnerability-testing.pdfGuidance on when and how systems should be tested for security vulnerabilties…
-
University cyber incident and data breach management procedure
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/university-cyber-incident-and-data-breach-management-procedure.pdfProtocol for managing suspected cyber/personal data breach…
-
Use of generative AI - LLM
https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/use-of-generative-ai---llm.pdfTo communicate the risks as presently understood to maintaining the confidentiality, integrity and availability of University information and personal data in the use of publicly available GenAI tools…
-
Best practice for device connectivity
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/best-practice-device-connectivity.pdfDocument outlining the best practice for securing devices connecting to the University network…
-
Electronic data destruction and media disposal policy
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/data-destruction-policy.pdfThis policy covers the destruction of electronic media that stores or has stored, University-owned data as defined within the Information Classification Policy…
-
Maintaining the security of credit & debit card data - policy
Password protected https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/internal/maintaining-the-security-of-credit-&-debit-card-data----policy.pdfPolicy to cover PCI-DSS compliance (credit / debit cards)…
-
University Privacy notice: collection and use of employee personal data
https://www.st-andrews.ac.uk/policy/information-governance-and-management-data-protection-privacy-information/staff_privacy_notice.pdfTo advise people how their personal data are used by the University…
-
Data governance policy
https://www.st-andrews.ac.uk/policy/information-governance-and-management-data-governance/data-governance-policy.pdfThe purpose of this policy is to describe the University’s approach to data governance in terms of data availability, data accessibility and data quality and to outline how clear accountability for each is managed.…
-
University privacy notice: exchange of student personal data with partner institutions and other educational colloborations
https://www.st-andrews.ac.uk/policy/information-governance-and-management-data-protection-university-privacy-notice-exchange-of-student-personal-data-with-partner-institutions-and-other-educational-collaborations/university-privacy-notice---overseas-students.pdfTo inform students how their personal details may be exchanged with partner institution or another body collaborating with the University to provide an educational experience, and how those data will be used.…
-
University information classification policy: implementation guide
https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/information-classification-policy-implementation-guide.pdfGuidance on how to implement and work with the University information classification policy…
-
University information classification policy
https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/university-information-classification-policy.pdfDefine how people should respond to protective markings when accessing, handling, storing, transmitting and disposing of information or data that is protectively marked…
-
Access to information during periods of staff absence
https://www.st-andrews.ac.uk/policy/information-governance-and-management-information-security/access-to-information-during-periods-of-absence.pdfThis Policy defines the circumstances under which access to information held in email and files can be made during periods of absence, for business continuity purposes.…
-
Records Management Policy
https://www.st-andrews.ac.uk/policy/information-governance-and-management-records-management/records-management-policy.pdfTo provide direction on how University records are to be managed to preserve their value.…
-
Requests for personal data by the Police or a similar third party for the purposes of the prevention or detection of crime, apprehension or prosecution of offenders, or for taxation
https://www.st-andrews.ac.uk/policy/information-governance-and-management-data-protection-sharing-personal-data-with-third-parties/release-of-personal-data-for-crime-prevention.pdf