The Information Security Framework at Carlow College, St. Patrick’s was developed to protect the confidentiality, integrity and availability of data and is aligned to ISO 27001. At its meeting dated 18 October 2024, the Management Board established the Information Security Management Review Team that is responsible for ensuring the effective delivery of the Information Security Management System and its continual improvement. Key components of its remit are:
- to systematically examine the College’s information security risks, taking account of the threats, vulnerabilities, and impacts;
- to design and implement a coherent and comprehensive suite of information security controls and / or other forms of risk treatment (such as risk mitigation, avoidance or transfer) to address those risks that are deemed unacceptable; and
- to adopt an overarching management process to ensure that the information security controls continue to meet the College’s information security needs on an ongoing basis.
For more on the remit of the Security Management Review Team, see its terms of reference [INSERT LINK].
Policies
- Acceptable Use Policy
- Access Control Policy (available on Staff Portal)
- Asset Management Policy (available on Staff Portal)
- Backup Policy (available on Staff Portal)
- CCTV Policy
- Data Protection Policy
- Hybrid Working Policy
- Information Classification and Handling Policy (available on Staff Portal)
- Information Security Awareness and Training Policy (available on Staff Portal)
- Information Security Policy
- Records Management Policy
