What is the Security & Information Management Programme?
An institution-wide information management and security programme is underway to help all staff and students work more securely with information and data. Find out more about what’s happening and what it will mean for you, your colleagues and team.
The information the University creates and manages needs to be kept secure, safely managed and available to the right people at the right time. Most of us handle sensitive and confidential, personal and professional information at some time or another and use a range of IT devices to do so - PCs, laptops and mobiles. As a result of our own analysis, the ICO audit, and ever-increasing cyber threats, we know we must improve our information management, governance and security across the board. We need to be more stringent about the standards applied to computers and devices that access our network to avoid data loss, business interruption or reputational damage.
Why is this important?
Our personal and professional information and assets are fundamental to our work, our value and our reputation as an institution. Our University-wide data security and information management programme is designed to help us all improve our ways of working. It is a positive investment to ensure the security of our intellectual property, research, management, teaching and learning. We have a great programme team in place, including our own world-leading professional and academic experts in information management and data security and colleagues from across the institution. We have a robust plan of governance and process works that will enable us to implement changes, make progress, innovate and collaborate more securely.
The Programme will set clear, measurable milestones and targets to ensure that we are addressing the risks that have been identified by us and in the recent ICO audit. These targets will be closely monitored and reported to the University Executive Board via two newly-established, institution-wide, University information management committees, UIMC and UIMEC.
Protecting our information assets
Safeguarding our staff, students and wider community
Securing our strategic objectives and reputation
Ensuring regulatory compliance
Our Programme consists of a series of essential work streams planned over the next few months which will be undertaken step-by-step and with great care to make sure we achieve better operating standards while maintaining the full functionality of all our systems. We’ll need your understanding and help to do this, and to achieve the sector-leading position on information security that we all want for Warwick.
Am I Involved?
This Programme will involve us all. If you use a Warwick staff card, a Warwick email address, access one of our staff or student record systems or share your Warwick work with colleagues within or beyond the University, you are involved in activities that carry risks in data security. We will be working across all groups and departments in the University to ensure that everyone is aware of what we have to do differently to reduce these risks to an acceptable level. In the current situation, our colleagues in ITS have already gathered together key guidance on working safely from home here.
Our plans and the work that flows from them will need everyone’s commitment and action – especially as some measures will involve laws we have to follow. There will be lots of guidance and help available, with training and support and expert assistance, but the new standards of security must be adopted and those who consistently fail to do so may find themselves excluded from our systems.
Information on further activities, support and progress will shared in the coming weeks.
Data Protection Officerdpo@warwick.ac.uk
The University of Warwick
Coventry CV4 8UW