Security Policy
This security policy is established by the Governing Board of the University of Borås in accordance with Chapter 5. 4§ p.11 of the Board's Organisational and Decision-Making Procedure. The security policy details the university's intentions and objectives for the university's security work, which includes security for persons, physical property, and information. Steering documents related to security work are decided upon by the Vice-Chancellor or an appointee.
Please note: This document has been translated from Swedish into English. If the English version differs from the original, the Swedish version takes precedence.
1. Responsibilities and roles for the work
The Vice-Chancellor or an appointee has the overall responsibility for security and its coordination. Under the Vice-Chancellor, responsibility for security at the university follows the line organisation unless otherwise stated in other decisions or steering documents.
All employees and students at the university have to comply with the stipulations provided in laws, regulations, rules, and internal steering documents regarding security work. Anyone who violates these provisions may be subject to disciplinary action.
2. Purpose and objectives of the security work
The purpose of the security work is to create a safe and secure environment for people on the university's premises, to minimise the risk of damage to material and intangible valuables[1], to maintain the university's information security in the form of a safe management of information and information systems, and to ensure the continuity of operations in order to create good conditions for education and research. Security is to be designed in accordance with applicable laws and regulations relevant to our university.
The goals are:
- The university is a safe and secure place to study and work.
- All employees and students have knowledge of current security rules and procedures and an understanding of security work in relation to their roles.
- Steering documents are available to ensure the consistency and quality of security work.
- The activities of the university are continuous with minimal disturbances.
- The university has the ability to deal with crises and unforeseen events.
- All assets in the form of property, technical equipment, and information are adequately protected.
- Information security is adequately maintained when it comes to confidentiality, integrity, availability and traceability.
[1] Examples of tangible and intangible valuables may include: information, computers, systems, communications, materials, capital, personnel, premises, and goodwill.
3. Principles for security work
University leadership is to work towards an environment in which security is a priority and in which everyone feels responsible for maintaining security.
Work university-wide is to be coordinated in order to be systematic and to maintain a holistic approach to the university's security work.
Security work is to be part of operational planning and be carried out systematically in order to achieve continuous improvement. The university is to work in a structured and effective way when it comes to risks, incidents, and deviations. Risks are, as far as possible, to be managed by those most closely responsible for the activities concerned. A focus on the long-term and cost-effectiveness are to characterise security work.
Policies and procedures are to be in place in the relevant security areas to provide support to employees and students in order to achieve a high level of security. Any deficiencies noted are to be reported to a manager or some other responsible function.
4. Revision, follow-up, and information
The Vice-Chancellor or an appointee is responsible for the coordination of security work at the university and for revising documents related to security work and keeping the university at large informed.