Information Governance

Compliance and RiskInformation GovernanceInfo security

Info security

Information security

Security is a key element of the governance and management of Information. Information Security at the University is ultimately the responsibility of every individual using information. The responsibility for providing the environment and guidance for all service users sits with the Information Governance Team and the Information Security Team in Exeter IT.

 Resources are available to service users on the Information Security SharePoint pages.

The University has several policies and procedures relating to Information Security which can all be found on our policies pages. These include:

  • The Information Governance and Security Policy
  • The Information Classification Policy
  • Information Handling Guidelines
  • The Information Retention Policy
  • The Data Breach Policy
  • Equipment disposal guidelines
  • Regulations relating to the use of information technology facilities
  • The Information Security Controls Policy
  • The Bring Your Own Device Policy
  • The Information Security for Portable and Removable Media Devices Policy
  • The Laptop and Workstation Build Policy
  • The Patch Management Policy
  • The Anti-Malware Policy
  • The Remote Access Policy
  • The Password Policy

File storage

Information about how and where to store files in University systems can be found on Exeter IT's Files and storage page.

As detailed in the TQA manual the issues with personal computers and poor file management are not considered valid circumstances for mitigation.

Top tips for ensuring the integrity of your files:

  • Make sure you have backups,
  • Ensure you have correctly assigned access to shared files,
  • Maintain a system of storage or naming to ensure files can be retrieved,
  • Use University provided solutions for University work,
  • Be aware of the data you manage and any regulations or laws which apply to them.

Using the network

Details on how to use University networks can be found on Exeter IT’s web pages here.

You can find the Regulations Relating to the Use of IT Facilities here.

If you are interested in using restricted materials which is or could be construed as illegal, suspicious or objectionable please see the University’s Code of Conduct for Access to Restricted Materials. The University recognises the value of studying and researching such materials. The Access to Restricted Materials process has been designed to ensure that where there is a valid reason for such activity it can be carried out compliantly and safely to protect both the Researcher and the University.