Cookies on this website

We use cookies to ensure that we give you the best experience on our website. If you click 'Accept all cookies' we'll assume that you are happy to receive all cookies and you won't see this message again. If you click 'Reject all non-essential cookies' only necessary cookies providing core functionality such as security, network management, and accessibility will be enabled. Click 'Find out more' for information on how to change your cookie settings.

As Head of Department you are accountable for the implementation of the University's Information Governance Policies. You also assume the role of Senior Information Risk Owner for your department.

Oversight & Leadership

  • Promote the highest ethical standards in the design, conduct and reporting of research (Research Integrity)
  • Take overall ownership of information security in the department (Information Security)

Policy Implementation

  • Effective implementation of information security policy within the department (Information Security)
  • Define and document specific information security policy requirements for the department (Information Security)
  • Identify and assign specific roles related to information security
  • Embed information security in management framework
  • Perform regular reviews against the policy (Information Security)
  • Report on compliance with the policy (Information Security)
  • Ensure compliance with baseline information security standards (Information Security)
  • Ensuring that the risk management policy is implemented and followed in the department (Risk Management)
  • Ensuring their staff and students observe the research integrity policy (Research Integrity)
  • Providing support to Information Compliance Team (Data Protection)

Asset Management

  • Controls access to records - Access to current and non current records restricted to department (Records Management)
  • Up to date inventory of all asset usage (Information Security)
  • Records of processing activities (Data Protection)
  • Agreeing arrangements (with researcher) as to where the researcher’s research data will be stored and who will have access to this after the researcher leaves (or retires from) the University (Research Data Management)
  • Implement additional security controls for confidential data (Information Security)
  • Classify information assets (Information Security)
  • Develop handling rules (Information Security)
  • Risk Management Maintenance of departmental risk register (Risk Management)
  • Reviewing data privacy risks (Data Protection)

Incident Management

Staff Awareness & Training

Departmental Processes (Research, Admin and Teaching, Business as Usual | Projects)

Work with Third Parties