(1) This document sets out the University’s policy on cyber security. (2) Cyber security is about defending IT facilities and services and stored data from unauthorised access, use, disclosure, disruption, modification, and destruction. It seeks to ensure integrity, availability, confidentiality and safety of data and services; and ensures controls are proportionate to risk. (3) This Policy is supported by a cyber security framework which includes supplementary policies; guidelines on specific topics; operational practices; action plans; technology controls; education programs and monitoring and assurance activities. (4) This Policy applies to all users and devices of IT facilities and services at the University. (5) All ssers should be aware of this Policy, their responsibilities, and legal obligations. (6) All users and devices are required to comply with this Policy and are bound by law to observe applicable statutory legislation. (7) All University IT facilities and services will be protected by effective management of cyber security risks. (8) Use of IT facilities and services must comply with University policies and relevant legislation. Examples of legal regulation include privacy, copyright, government information (public access), equal employment opportunity, intellectual property and workplace health and safety. (9) IT facilities and services will be provided, managed, and operated such that: (10) The Chief Information Digital Officer has the following responsibilities: (11) The cyber security team has the following responsibilities: (12) The Risk, Audit and Compliance Committee has the following responsibilities: (13) Staff whom manage any IT Facility have the following responsibilities: (14) Individual users have the following responsibilities for themselves and their devices:Cyber Security Policy
Section 1 - Purpose of Policy
Section 2 - Application and Scope
Section 3 - Policy Principles
Top of Page
Section 4 - Roles and Responsibilities
Chief Information Digital Officer
Cyber Security Team
Risk, Audit and Compliance Committee
Staff with responsibility for managing any IT Facility or Service
Users of IT Facilities and Services
Top of PageSection 5 - Definitions
Word/Term
Definition (with examples if required)
Cyber security
The practice of defending computing devices, networks and stored data from unauthorised access, use, disclosure, disruption, modification, or destruction
IMTS
Information Management & Technology Services at the University of Wollongong.
IT Facilities and Services
Information Technology facilities operated by or on behalf of the University. This includes services and systems and associated computing hardware and software used for the communication, processing, and storage of information
University
University of Wollongong and controlled entities
University network
The network infrastructure used by the University including all network services on main campus and satellite campuses with trusted access to UOW services
User
A person assigned a User Account by the University or a person who is otherwise authorised to use University IT Facilities and Services
View Current
This is the current version of this document. You can provide feedback on this document to the document author - refer to the Status and Details on the document's navigation bar.