UCISA Information Security Toolkit

Most institutions now rely heavily on information systems to support and drive their key business processes. Consequently, such systems are increasingly subject to audit to ensure that they are being managed effectively and that the integrity of the information they hold is being maintained. The British Standard BS 7799 was frequently used as the basis for many such audits; the standard has now been subsumed into the international standard ISO27001:2005.

The UCISA Information Security Toolkit is intended to support UK Higher and Further Education Institutions in producing Information Security policies to address (and to demonstrate that they are addressing) threats to the confidentiality, integrity and availability of information systems for which they are responsible, and to help meet audit requirements. The sections draw heavily on British Standard BS 7799, not least by adopting its structure for control objectives and controls.

The first edition of the Toolkit, which was produced with support from JISC and UKERNA, was launched at the UCISA Management Conference in Glasgow in March 2005. The second version was launched at a Managers Forum on 23 November 2005 in London; this included a number of case studies on the implementation of the Toolkit. (The presentations can be downloaded from the event programme.) A third edition, revised to reflect the new ISO standard, was released in 2007.

The complete document is available to download as a PDF file; in addition, each individual section is available separately. It is also hoped to include specimen policies from institutions that have implemented all or part of the Toolkit.
Download the Information Security Toolkit as a PDF file
UCISA, University of Oxford, 13 Banbury Road, Oxford, OX2 6NN. Tel: +44(0)1865 283425. Fax: +44(0)1865 283426. Email: admin@ucisa.ac.uk. © UCISA