Layout print header[D]

IT Security


These terms are used in IT Security:


Access to information at agreed times.


The restriction of information to those persons who are authorised to receive it.


Means of managing risk, including policies, procedures and guidelines.

Data controller

A person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.

Data subject

An individual who is the subject of personal data.


Information in all its forms; data stored on or transmitted by computer systems; and material that can be stored and distributed as audio, video, or other media.

Information Security

Protection of information to ensure business continuity and to provide appropriate levels of confidentiality, integrity and availability.

Information Security Incident

An actual or suspected event or series of events that could threaten the confidentiality, integrity and availability of information; or that put at risk the security of IT infrastructure and systems.

Information System

A set of software, databases and procedures organised to store and provide information that supports the operations and business of the University.


The completeness and preservation of information in its original and intended form unless amended or deleted by authorised people or processes.


Information Strategy Executive. Has responsibility for monitoring the effectiveness of the University's IT Security.

IT Systems

Hardware, software, databases, communications facilities and procedures organised to capture and process, and to provide, protect and store information.


Joint Academic Network.


JANET Computer Emergency Response Team.

Key Information

Information that is critical to the functioning of the University, or sensitive, or which the University is obliged by law to maintain.

Personal data

Data which relate to a living individual who can be identified from those data, or those data and other information which is in the possession of, or is likely to come into the possession of, the data controller.

Strong password

A strong password is sufficiently long, random, or otherwise producible only by the user who chose it, that successfully guessing it will require too long a time. Strong passwords typically contain upper and lower case letters, and a mix of alphabetic characters, digits, and punctuation marks.

Supporting Policies

Documents that define specific detailed requirements in support of the Information Security Policy.

System owner

A member of staff who is the primary contact for an information system, and who is responsible for the security of information held in it. System owners are identified in the IT Systems Catalogue.

The University

Sheffield Hallam University.

Third Party

An Individual or organisation contracted to work for or on behalf of the University either from University premises or remotely, who requires access to University IT systems or information systems.




Sheffield Hallam University website

Sheffield Hallam University, City Campus, Howard Street, Sheffield S1 1WB

Telephone 0114 225 5555 | Fax 0114 225 4449

Privacy Policy

Freedom of information




Legal information