Information security

    All information involving the University’s activities and operations is to be handled in a secure manner. This applies to research data, teaching materials and administrative tasks. The definition of information security and what applies to you as an employee or information owner is described here.

    Protecting information

    Information security is a matter of preventing data from being lost, corrupted or leaked. This applies regardless of whether the information is handled electronically, physically or in conversations among colleagues. Good protection of information involves procedures for processing, physical measures and protection in the form of technical solutions.

    This may mean, for example, evaluating and storing information in an appropriate place based on the information's content and need for protection or following advice and guidance on information

    Additional reading

    Security awareness

    Information and tips for employees on how to safeguard information and IT in your daily work.

    Familiarise yourself with your information

    As an information owner, what you need to consider to achieve the right level of protection. For example, when starting a new project or a new research project.

    Information classification

    When and how to classify information. Guidance in classifying information and resources to find the right level of protection.

    Risk analysis

    How to conduct a risk analysis. Guidance in identifying risks, threats and undesirable events that may affect information security so you can develop and implement security measures that reduce or eliminate risks.

    Sensitivity labels

    How to value and apply protection to documents and work materials in Microsoft 365 (M365).

    Systematic information security

    How we work systematically with information security based on our information security management systems.

    Legal Affairs Office
    2/28/2024