Skip to main content

Information Governance and Security Policies

The University's Information Governance and Security policies consist of a number of documents which must be followed to protect all information the University holds, as well as our IT systems.

More details, forms and supporting documents can be found on our SharePoint site.

Overarching statement

Overarching Information Governance and Security policy - the top-level Information Governance and Security Policy document for the University gives guidance on everyone’s roles and responsibilities.

Subsidiary policies and standards

Good Information Governance protects University information and allows us to use information in secure, efficient and legally compliant processes. The following policies should be applied to all information and not just personal data.

Data Protection Policy (PDF) ensures all use of personal data across the University protects individual’s privacy, takes into account legal requirements and is compliant with the General Data Protection Regulation (GDPR) and Data Protection Act 2018.

Records of Processing Activity

Data Breach Policy (PDF)

Data Subject Request Procedure (PDF)

Data Protection Impact Assessment Policy (PDF)

Web content guidelines

Regulations relating to the use of information technology facilities provide the detail for anyone that has any access to University computing, telecommunications or networking systems and services provided by, or accessed via, the University of Exeter. This is supported by the following Information Security policies that sets out the responsibilities for all users, including users of privately owned devices.

Bring Your Own Device Policy (PDF)

Information Security for Portable and Removable Media Devices Policy (PDF)

Setting up VPN

Code of Conduct for access to restricted materials provides the steps that staff and students must take before undertaking any teaching or research that may involve sensitive information, such as terrorism material and requires the completion of the:

Janet Acceptable Use Policy

eduroam(UK) Policy