IT Services

IT policies and guidelines

There are a number of regulations and guidelines covering the use of our systems and services. As an IT user at The University of Manchester, you are expected to abide by these regulations and guidelines.

Policies and regulations

• General regulations for the University of ManchesterSection XV - Use of IT facilities and services
• Acceptable use policyIT facilities and services
• PC cluster usage regulations
• Halls of Residence networking policiesHornet website
• Information security policy

Standard operating procedures

• Acceptable use of IT facilities and servicesStudents
• Acceptable use of IT facilities and servicesStaff
• Information Governance checklist and instructionThis replaces the Data Protection and IT Security checklists
• Information security classification and secure handling SOPStandard Operating Procedure for classification of University information assets
• Authority to access and monitor University IT Account holder communications and data SOPDescribes the approval process and record‐keeping where access to account holder data is required.
• Bring your own technologyProcedure for using non-University devices and systems to access University data and systems and remote working
• Collection and acquisition of digital evidenceDescribes the procedure to be followed to obtain digital evidence to establish compliance or non-compliance with University laws
• Acquisition or development of IT systems and servicesDescribes the procedure for obtaining approval for the commissioning, developing, maintaining and supporting IT systems and/or services including systems developed by staff other than IT Services or Faculty IT staff

Technical security standards

• Cryptography TSSDefines the security controls and processes associated with cryptography used to protect data both in transit and at rest.
• Password TSSDefines the security controls relating to user accounts, privileged access management, passwords and other authentication methods.
• Managed Desktop Environment TSSDefines the standard configuration of Managed Desktop computers provided by the University.
• Patching TSSDefines the security controls and processes associated with the deployment of security and other patches.
• Malware Defence TSSEnsuring appropriate controls are maintained to defend against malware exploiting vulnerabilities on the University’s internal network.
• Firewall TSSEnsuring appropriate controls are maintained and managed in the University’s Firewalls to defend zones and network segments from unauthorised or inappropriate access.

Under review

User management

Defines how user accounts and privileges are created, managed and deleted.

• User management

IT continuity management and planning

Sets out the processes for assessing and addressing risks to continuity of IT applications and defines responsibilities for preparing and implementing continuity plans.

• IT continuity management and planning

Information security responsibilities

• Information security responsibilities