Manchester Metropolitan University

Call IT Support Email IT Support

Information Security

Protecting information created, received and shared by staff and students across the University

About the Information Security Team

The Information Security Team is responsible for the development, operation and continuous improvement of information security across the University ensuring the availability, confidentiality and integrity of its information.

We define information security policies and procedures, advise on secure IT arrangements, provide training and practical advice that the University can use to meet business requirements while maintaining security. We are responsible for information security risk management and compliance, and the monitoring of IT systems to prevent and detect attacks.

We work closely with the University's other Information Governance functions, supporting the Legal Team with Data Protection compliance and contract reviews, and supporting the Records Management Team with aspects of information asset management.

Information Security Strategy

Our Strategy outlines some critical success factors:

  • We define and keep the University information security system and associated policies and procedures up to date and fit for purpose, and support departments and faculties to implement it
  • We implement asset lifecycle management, supporting the University’s information security risk management process and work with departments and faculties to manage information security risks associated with their IT, projects and third-party agreements
  • We work with departments and faculties across the University to ensure proportionate and robust IT solutions are in place supporting our Information Security Strategy
  • We work with colleagues to identify regulatory and legislative requirements, including PCI DSS and data protection legislation, ensuring policy and control arrangements are adequate
  • We manage, co-ordinate and record all information security incidents across the University, and provide advice on how best to mitigate any associated risks
  • We ensure all staff and contractors have the right skills, knowledge and guidance to maintain the security of information held across the University
  • We operate an information security compliance programme to meet University and external requirements, and provide assurance to stakeholders

Read the Information Security Strategy

Report an information security incident

An information security incident is:

All users who access, use or manage University information are responsible for reporting information security incidents.

This includes concerns about the security of an IT account, computer or University IT service, as well as loss or disclosure of paper information, or weaknesses in a business process.

If you are aware of, or suspect, an information security incident is taking or has taken place, please report it by clicking the button below. Please provide as much detail as you can about the incident.

Report an information security incident

Contact us

For any information security advice or to report an information security incident please contact the Information Security Team. Email:

Data Protection or Freedom of Information enquiries

Records management enquiries

Information Security