- About Information Governance
- Report a Data Breach/Incident
- Information Security Training
- Information Security Policy
- Information Security
- Data Protection under the new GDPR
- Make an Information Request
- Data Protection
- Freedom of Information
- Records Management
- Information Security regulations
- Information Systems
- IT files and storage
- Open Research Exeter
Information Security Policy
The University's Information Security Policy consists of a number of documents which must be followed to protect all information the University holds, as well as our IT systems. Please be aware that all these policies are currently under review and will be updated, with additional guidance and top tips on how to implement them.
The Overarching Information Security Policy is the top-level Information Security Policy document for the University.
Subsidiary Information Security policies and standards
These documents specify what is and is not allowed:
The Anti-malware Policy sets out the responsibilities for all users, including users of privately owned devices, in relation to malicious software to ensure IT systems and other facilities are secure and available.
Regulations relating to the use of information technology facilities provide the detail for anyone that has any access to University computing, telecommunications or networking systems and services provided by, or accessed via, the University of Exeter.
Data Protection Policy ensures all use of personal data across the University takes into account legal requirements and is compliant with the Data Protection Act 1998.
Records Management Policy acts as a framework to support the management of records across the University and includes the University Records Retention Schedule.
Code of Conduct for downloading materials relating to terrorism provides the steps that staff and students must take before undertaking any teaching or research that may involve terrorist material.