This post shares some work samples of policy documents I have written. If you are looking for code examples please visit my git repository on Bitbucket. Looking at the “tech” pages of my website you will see some of the technology related things that I’ve gotten up to in the past.
Below are some of the less sensitive Information Security related policies I worked on at University of Sheffield. TFor the most up-to-date instances of these policies please visit the University of Sheffield policies pages here. The links below go to the version of the document when I was last involved in updating it.
- University of Sheffield Information Security Policy: University wide policy that applies to all University information assets and/or information systems controlled by UoS.
- Cyber Essentials Assured Computing Policy : Key policy statements and working practices required to ensure compliance to the Cyber Essentials standard when using the Assured Computing service at UoS.
- University of Sheffield PCI DSS Security Policy : Parent policy for PCI DSS at University of Sheffield.
- University of Sheffield PCI DSS Systems Security Standard : Part of a suite of documents to support the University’s compliance to the Payment Card Industry Data Security Standard. This document details the systems security procedures for all staff working in or with the cardholder data environment. The controls described in this document apply to systems in (or that can impact upon) the CDE.