Information Security Policy

The objective of University Information Security Policy is to ensure that all information and information systems, on which the University depends, are adequately protected. Achieving this largely depends on staff and students working diligently in accordance with policy guidelines.

The University Information Security Policy sets out requirements and recommendations, relating to how:

  • Confidential information must be protected from unauthorised access.
  • The integrity of information and information systems must be protected.
  • Appropriate measures must be taken to manage risks to the availability of information.
  • The University must ensure compliance with laws and the terms of contracts.

Failure to comply with University Policy may lead to disciplinary action.

  • The Overarching Information Security Policy can be found here Below are the area specific policies that sit under it.
  • Strategic Policy

Policy A-Z


Compliance Policy ISP-S3
Cryptography Policy ISP-S16
Information Asset Protection Policy ISP-S2
Information Handling Policy ISP-S7
Information Security Policy ISP-S1
Mobile Computing Policy ISP-S14
Network Management Policy ISP-S12
Operations Policy for IT Service Providers ISP-S6
Outsourcing and Third Party Access Policy ISP-S4
Personnel Policy ISP-S5
ResNet Acceptable Use Policy ISP-S17
Software Management Policy ISP-S13
System Management Policy ISP-S11
System Planning Policy ISP-S10
Teleworking Policy ISP-S15
Use of Computers Policy ISP-S9
User Management Policy ISP-S8

Implementation Details

Policy A-Z


Building Security ISP-I1
Computer Account Passwords ISP-I9
Cryptography Implementation ISP-I7
Guide to Information Legislation ISP-I5
Information Asset Security Measures ISP-I8
Institutional IT Usage Monitoring and Access ISP-I6
Managing Information Asset Security ISP-I4
Payment Card Security ISP-I10
Reporting Information Security Incidents ISP-I3
Reporting Software Faults ISP-I2

Software Regulations

Allowing off-site access to the Shared Departmental X: drive





Other Relevant University Policies

Policy A-Z


Policy for Selection & Use of Cloud Services


Share this page:

Request Information

To make a Data Subject Access Request, or a Freedom of Information Request, please contact IAS directly.

Data Protection Officer

The Data Protection Officer is:

Elisabeth Taoudi, Data Protection Officer and In-House Commercial Lawyer, University of Leicester, University Road, Leicester, LE1 7RH

0116 229 7640