Information Security Standards Review

To ensure that UBC's confidential data and information systems are safe from a data breach, the university has Information Security Standards that govern the use and protection of university data and computing resources. As required by Policy #104, Acceptable Use and Security of UBC Electronic Information and Systems, all faculty and staff are responsible and accountable for following these standards.

These Information Security Standards are subject to periodic reviews to adapt to changing expectations and risks. The current review cycle began in March 2018.

Review Timeline

Review Phase I

  • March 2018 - Review Cycle began
  • March - April 2018 - Feedback gathering round
  • May - September 2018 - Committee drafts amendments to the standards that generated the most feedback (ISS #1,2,3,5,14)
  • October - November 2018 - Feedback gathering round #2
  • November 2018 - Committee finalizes amendments
  • December 2018 - CIO decision and approval of amendments
  • January - February 2019 - Other Information Security Standards and all related documents updated to reflect amendments
  • March 2019 - Updated standards are published: