IT Services


IT policies and guidelines

There are a number of regulations and guidelines covering the use of our systems and services. As an IT user at The University of Manchester, you are expected to abide by these regulations and guidelines.

Policies and regulations

Standard operating procedures (SOP)

Technical security standards (TSS)

  • Authentication TSSDefines the specification for the baseline requirements for authentication across all IT systems managed by IT Services
  • Cryptography TSSDefines the security controls and processes associated with cryptography used to protect data both in transit and at rest.
  • Firewall TSSEnsuring appropriate controls are maintained and managed in the University’s Firewalls to defend zones and network segments from unauthorised or inappropriate access.
  • Logging TSSDefines the security controls and processes associated with logging and auditing events within IT systems.
  • Malware Defence TSSEnsuring appropriate controls are maintained to defend against malware exploiting vulnerabilities on the University’s internal network.
  • Managed Desktop Environment TSSDefines the standard configuration of Managed Desktop computers provided by the University.
  • Password TSSDefines the security controls relating to user accounts, privileged access management, passwords and other authentication methods.
  • Patching TSSDefines the security controls and processes associated with the deployment of security and other patches.
  • Vulnerability Scanning and Penetration Testing TSSDefines the requirements for vulnerability scanning and penetration testing across all IT systems managed by IT Services.
Stacked papers

Policies