Skip to main content
IT Services

Breadcrumb

  1. IT Services
  2. About ITS
  3. Governance & Committees
  4. Governance
  5. Policies

Policies

This page contains a list of IT Services Policies and Standard Operating Procedures (SOP) that help to define how the department operates. Overarching policies can be found on the QMUL Policy zone.

A document remains active until superseded and a new version is uploaded. If it is deemed no longer valid then the document is retired and removed from the list below.  

 

Governance Frameworks

IT Governance Framework

IT Project Governance

 

Information Security & Data Governance (SOP) Policies

IS01 Information Security & Acceptable Use Policy [PDF 224KB]
Approved by: IGG Last Review 15.01.25                                                                                

DG00 Review Update of Policies [PDF 302KB]
Approved by: ITLT  Last review: 17.02.25                                          

IS00 ITS ISMS Information Security Management System Policy [PDF 218KB]
Approved by: ITLT  Last review: 17.02.25                               

IS02 ITS Documents and Records Control Policy [PDF 145KB]
Approved by: ITLT  Last review: 17.02.25                                                                       

IS03 ITS Nonconformance and Continual Improvement Policy [PDF 156KB]
Approved by: ITLT  Last review: 17.02.25       

 

Managing Information

IS08 ITS Risk Management Policy v.1.0 [PDF 161KB]
Approved by: IGG  Last review: 15.01.25

Supersedes DG01 Information Risk Assessment [PDF 530KB]

DG09 Information Classification [PDF 359KB]
Approved by: IGG  Last review: 24.06.2022

IS12 Information Transfer Policy v1.0 [PDF 128KB]
Approved by: IGG  Last review: 15.01.25

 

Procurement & Confidentiality


DG03 Third Party Access to Information Policy [PDF 471KB]
Approved by: ITLT  Last review: 17.02.25

DG04 Contracting for IT Services [PDF 547KB]
Approved by: ITLT  Last review: 20.02.17

DG07 IT Procurement Policy [PDF 317KB]
Approved by: ITLT  Last review: 17.02.25

IS07 Third Party Supplier Assessment and Management Policy [PDF 165KB]
Approved by: ITLT  Last review: 17.02.25

Operations

IS28 Joiners Movers and Leavers Policy [PDF 164KB]
Approved by: IGG  Last review: 15.01.25

DG08 Implementing IT Systems Policy [PDF 349KB]
Approved by: ITLT  Last review: 17.02.25

DG06 IT Incident (Malfunction) Reporting Policy [PDF 312KB]
Approved by: ITLT  Last review: 17.02.25

IS14 Reuse and disposal of IT equipment [PDF 168KB]
Approved by: IGG  Last review: 15.01.25

DG17 IT User Account Management Policy [PDF 273KB]
Approved by: ITLT  Last review: 02.02.23

DG19 Remote Access Policy [PDF 397KB]

Approved by: ITLT  Last review: 15.02.25

DG20 Access to and Use of Email
Superseded by: IS01 Information Security & Acceptable Use Policy - 27.03.2023

DG22 Maintenance of System Security Logs Policy v2.0 [PDF 537KB]
Approved by: IGG  Last review: 15.01.25

DG23 Computer Room Operation Policy [PDF 342KB]
Approved by: ITLT  Last review: 17.02.25

DG24 Working in Secure Areas Policy [PDF 299KB]
Approved by: ITLT  Last review: 17.02.25

IS06 Configuration Management Policy [PDF 112KB]
Approved by: ITLT  Last review: 17.02.25

IS17 Network Security Management Policy v1.0 [PDF 153KB]
Approved by: IGG  Last review: 15.01.25 

Supersedes DG28 Network Management [PDF 665KB]
Approved by: ITLT  Last review: 31.03.17

DG29 Acceptable Use of IT
Superseded by: IS01 Information Security & Acceptable Use Policy - 27.03.2023

ITS Computing Device Policy v1.8 [PDF 709KB]
Approved by: ITLT Last review:  30.08.24

ITP07 - Self Managed Devices [PDF 360KB]
Approved by: ITLT Last review: 22.03.22

 

Security

IS04 Information Security Incident Reporting and Management Policy [PDF 192KB]
Approved by: ITLT Last review: 17.02.25

IS26 Awareness and Training Policy v1.0 [PDF 164KB]
Approved by: IGG Last review: 15.01.25

IS15 Access Control Policy [PDF 196KB]
Approved by: IGG  Last review: 15.01.25

IS18 Cryptographic Controls Policy [PDF 167KB]
Approved by: IGG  Last review: 15.01.25

DG18 Password Management 
Superseded by: IS01 Information Security & Acceptable Use Policy - 15.01.2025

IS19 Vulnerability and Malware Policy [PDF 133KB] 
Approved by: ITLT Last review: 15.01.25

DG21 Disconnection from the system
Approved by: ITLT  Last review: Retired

DG27 IT Security Incident Management [PDF 284KB]
Approved by: ITLT  Last review: 10.12.21

Secure Desk Working Policy
Superseded: IS01 Information Security & Acceptable Use Policy - 27.03.2023

IS22 Use of Cloud Services Policy [PDF 166KB]
Approved by: IGG  Last review: 15.01.25

 

System Recovery
IS05 Information Security Business Continuity Policy [PDF 119KB]
Approved by: ITLT  Last review: 15.01.25

IS21 Backup Policy [PDF 156KB]
Approved by: IGG  Last review: 15.01.25

 

Logs & Audits
DG13 Managing Information Records
Approved by: IGG  Last review: Retired

IS20 Logging and Monitoring Policy [PDF 166KB]
Approved by: IGG  Last review: 15.01.25


IT Related Policies

If the link does not work copy & paste the URL into your browser.

Information Governance

Records Management

Managing Electronic Information

 

Janet acceptable use policy

Central Print Policy [PDF 498KB]

Patch Management Policy [PDF 717KB]

BYOD Policy [PDF 523KB]
BYOD Appendix - B [PDF 244KB]

IT Related Procedures

ITPROC01 Data Destruction Procedure [PDF 288KB]

ITPROC01 Secure Deletion Confirmation Template [DOC 49KB]

Guidance Documents

ITS Device Policy Guidance v2.4 [PDF 428KB]

Guidelines on Cloud Services [PDF 669KB]

Web Application Guidance [PDF 1,000KB]

SDD and NCR Naming Convention [PDF 704KB]

Guide to current service offering - PC and Print May 2016 [PDF 88KB]

IT Service Offerings Description Document v4.0 [PDF 954KB]

Guidance for Recruiting Individuals [PPT 479KB]

IS14 Staff Travelling to High-risk Countries [PDF 1,217KB]

  

Risk Management

QMUL Risk Policy

QMUL Risk Management

 

 

Back to top