Welcome to the ITS Information Security Office
Enlarge Font   |   Minimize Font   |   Bookmark and Share
Last modified: November 02, 2016 22:53:54.

The Information Technology Services (ITS) department at Qatar University, the central IT authority on campus, hosts and maintains the University’s major IT services.

In an effort to protect the resources that are under its custody, the department established an Information Security Management System (ISMS) that is based on the ISO 27001 International set of standards.

The University’s leadership team, represented by the QU President, endorses this initiative and supports it fully, as documented in the ISMS Policy Statement outlined below.

Purpose

Qatar University is a leading education provider in the State of Qatar and handles information sensitive to the country. Protection of information assets is vital to Qatar University. To fulfill this strategic business objective Qatar University has established an Information Security Management System.

Information Security Policy

The Board of Regents, President, senior management and employees at Qatar University are committed to protect the confidentiality and integrity of all the information assets, ensure availability in accordance to business objectives and conduct business in compliance with all statutory, regulatory and legal requirements.

Objectives

The Objective of ISMS at Qatar University is to ensure that:

  • Information is only accessible to authorized persons – internal or external.
  • Confidentiality and Integrity of information shall be maintained.
  • Business requirements for the availability of information shall be met.
  • Business continuity plans are established, planned and tested.
  • Information security education, awareness and training shall be provided to staff and relevant external parties.
  • All employees and relevant external parties shall be informed that compliance to this policy is mandatory and violation leads to disciplinary action.
  • All breaches of information security, actual or suspected, shall be reported to Information Security Manager and investigated by the Information Security team.
  • All applicable regulatory and legislative requirements are always met.

The management of Qatar University shall ensure that this policy is communicated, understood, implemented and maintained at all levels of the organisation. The policy shall be annually reviewed and monitored for compliance and will be amended, if necessary.

This policy has been approved by the President of Qatar University.