You are here: Information Security Information security policy

Information security policy

Here you can find Aarhus University's information security policy. Please notive that you can find a light version in the right column - the information security folder. 


Introduction

This information security policy is the basic framework for information security at Aarhus University. On the basis of the continuous monitoring and reporting the University Management reviews the information security policy at least every two years as part of the overall security management.

The policy governs Aarhus University’s information at large, which comprises any and all information that belongs to the Aarhus University and in addition also information which is not owned by Aarhus University, but for which the University can be held responsible. This includes eg all data on personnel, data on financial matters, all data which contributes to the administration of the Aarhus University, and data entrusted to the University by third parties, including experimental and research data. These data can be factual information, notes, records, reports, requirements for planning or any other information  for internal use.

This policy covers all Aarhus University information, regardless of what form they are stored in and in which way they are disseminated.

 

Breaches of information security

If an employee or a student discovers information security threats or breaches then they must immediately notify the person(s) responsible for the daily management of information security. 

Employees and students who violate information security policy or guidelines may be subject to sanctions contained in the Aarhus University rules and personnel policies.

1440720 / i40