To ensure that UBC's confidential data and information systems are safe from a data breach, the university has Information Security Standards that govern the use and protection of university data and computing resources. As required by Policy SC14 (formerly Policy 104), Acceptable Use and Security of UBC Electronic Information and Systems, all faculty and staff are responsible and accountable for following these standards.
These Information Security Standards are subject to periodic reviews to adapt to changing expectations and risks. The current review cycle began in March 2018.
Review Timeline
Review Phase I
- March 2018 - Review Cycle began
- March - April 2018 - Feedback gathering round
- May - September 2018 - Committee drafts amendments to the standards that generated the most feedback (ISS #1,2,3,5,14)
- October - November 2018 - Feedback gathering round #2
- November 2018 - Committee finalizes amendments
- December 2018 - CIO decision and approval of amendments
- January - February 2019 - Other Information Security Standards and all related documents updated to reflect amendments
- March 2019 - Updated standards are published:
Review Phase II
Beginning March 2019, the review team began working on draft amendments for the next set of standards based on community feedback. These will continue to be published in a series of iterations for comment by the campus community. We always invite feedback relating to the Information Security Standards. Email your feedback directly to privacy.matters@ubc.ca.
Feedback will be forwarded to the members of the review team, who will then make final amendments to the standards and forward them to the Chief Information Officer for approval. Comments submitted in the initial feedback gathering round are also available for your review.
If you have any questions or comments about this process, please send an email to privacy.matters@ubc.ca.