Answered By: Library Information Advisory Team Last Updated: Mar 18, 2019 Views: 3
Our IT systems follow the industry best practice defined in ISO/IEC 27002 but are not ISO/IEC 27001 certified as they are not externally audited. Where required, we can provide Assured Computing services that are externally certified to comply with the government's programme.
All research should adhere to the University of Sheffield Security policies: http://www.shef.ac.uk/cics/policies/infosec. Researchers using NHS data will be required to use NHS Information Governance Toolkit https://www.igt.hscic.gov.uk/.
For advice on what level of security will be appropriate and for more information on Information Governance generally, we recommend contacting Chris Willis, the University's Information Coordinator C.Willis@sheffield.ac.uk.
For more guidance about keeping your data safe, see the University library webpage at https://www.sheffield.ac.uk/library/rdm/safedata.