Information Security Policy - VPS-33

Information Security Policy - VPS-33

Concordia University is committed to ensuring the security of all institutional data and information held by the university. All public bodies must adopt and implement a policy on the security of information, to secure that appropriate levels of control are in place to support the availability, accessibility, integrity and confidentiality of information.

The purpose of this policy is to ensure appropriate levels of control are in place in support of the availability, accessibility, integrity and confidentiality of the Information, including research data. This Policy also sets out the governance structure and the units and/or teams responsible for ensuring the security of information.

Many university policies can provide more context on how data is kept and stored within the university, including but not limited to the Records Classification and Retention Plan, the Policy Concerning the Protection of Personal Information (SG-9), the Policy on Confidential Information (HR-36), the Policy on Computing Facilities (VPS-30) and the Policy on Data Governance (PRVPA-4).