Information security - Kunnskapsbasen
Information security
Information security - topic specific policies for Information Security
Norsk versjon: Informasjonssikkerhet - retningslinjer
Policies for different areas of application
The objectives of the Policy for information security are achieved through active work within organizational, human and technical action areas. The management system for information security safeguards the identified action areas and who has different responsibilities within each of them, through clear policies. Many of these policies are of an IT technical nature, and are assigned to the IT manager at NTNU as responsible for implementation. Other policies are more organizational and human-oriented, and deal with processes such as deviations, risk management and classification of information. All employees have a duty to participate.
All work on security culture and training will be in accordance with the internal requirements that the policies impose on managers and employees. The purpose is to make the management line better equipped to have an overview and control over their own information assets, and employees better able to safeguard the information security of these in their work processes and in their communication flow.
Topic specific policies for Information Security
The documents were approved by the Director of Organization and Infrastructure on 12 June 2023.
Policy for Classification of Information Assets
Policy for Cryptographic controls
Policy for Cyber security culture and training
Policy for Digital Incident Management and Disaster Recovery
Policy for Discrepancy Reporting and Discrepancy Processing in Information Security and Privacy
Policy for Information Security in Supplier Relations
Policy for network and information transfer
Policy for Risk management in information security
Policy for Securing Personal ICT Equipment
Policy for the processing of personal data
Contact information
Digital Security Section (security@ntnu.no)
Child Pages (11)
-
Access control - policy
Policy for Access Control. Download pdf of the policy for access control Norwegian version - Retningslinje for tilgangskontroll Innholdsfortegnelse [-] Purpose Applies to General Principles...
-
Cryptographic controls - policy
Policy for cryptographic controls. Download pdf of the policy for cryptographic controls Norwegian version - Retningslinje for kryptografiske kontrollere Innholdsfortegnelse [-] Purpose Applies to...
-
Cyber security culture and training - policy
Policy for Cybersecurity culture and training. Download pdf of the policy for cybersecurity culture and training Norwegian version - Retningslinje for arbeid med sikkerhetskultur og opplæring...
-
Digital incident management and disaster recovery - policy
Policy for Digital Incident Management and Disaster Recovery. Download pdf of the policy for Digital Incident Management and Disaster Recovery Norwegian version - Retningslinje for digital...
-
Discrepancy reporting and discrepancy processing in information security and privacy - policy
Policy for Discrepancy reporting and discrepancy processing in information security and privacy Download pdf of the policy for Discrepancy reporting and discrepancy processing in information...
-
Information security in supplier relations - policy
Policy for information security in supplier relations Download pdf of the Policy for information security in supplier relations Norwegian version - Retningslinje for informasjonssikkerhet i...
-
Network and information transfer - policy
Policy for network and information transfer. Download a pdf of the Policy for network and information transfer Norwegian version - Retningslinje for Nettverks- og informasjonsoverføring...
-
Operative security - policy
Policy for operative security. Download pdf of the Policy for operative security Norwegian version - Retningslinje for operativ sikkerhet Innholdsfortegnelse [-] Purpose Applies to General...
-
Processing of personal data - policy
Policy for processing of personal data. Download a pdf of the policy for processing of personal data Norwegian version - Retningslinje for behandling av personopplysninger Innholdsfortegnelse [-]...
-
Risk management in information security - policy
Policy for risk management in information security Download a pdf of the policy of risk management in information security Norwegian version - Retningslinje for risikostyring for...
-
Securing personal ICT equipment - policy
Policy for securing personal ICT equipment Download a pdf of the policy for securing personal ICT equipment Norwegian version - Retningslinje for sikring av personlig IKT-utstyr Innholdsfortegnelse...