IT Regulations & policies
The IOE has a commitment to handle data in a manner appropriate to its sensitivity.
This helps us meet the regulatory demands that are now associated with running research projects.
We have an adherence to a set of Information Security Policies, which provide the principles and standards for ensuring the Confidentiality, Integrity and Availability of IOE-held data.
The top-level policies forming this framework are the Information Security Management Policy and the associated Data Security Policy
There are a further suite of policies that provide greater detail of various areas:
Access Control Policy (limiting system and data access to appropriate users)
Electronic Messaging Policy (using email and other messaging applications)
Monitoring and Logging Policy (what system information may be monitored and stored)
Remote Access and Mobile Working Policy (what can be accessed remotely, and by whom)
Server Security Policy (security controls applied at the server level)
System and File Restoration Policy (what is backed up and how it can be restored)