Information Security Management Systems (ISMS) which compliance to MS ISO/IEC 27001:2013 standard at the UPM was established to manage information security systems in accordance with all safety regulations governing information from time to time to ensure all data related to the scope of the ISMS to minimize the incident cases. ISMS is also intended to facilitate the sharing of information in accordance with the operational needs of the Data Centre, UPM. The objective of ISMS is to manage and protect information security in line with the needs and expectations of stakeholders. It emphasizes to the concepts or principles of information security preservation of the confidentiality, integrity and availability. The first stage of the audit was held on 24 October 2012, followed by the Second Stage Audit on 19-20 December 2012. UPM has successfully acquired certification of ISMS certificates numbered AR 5761 on 4 January 2013.
Universiti Putra Malaysia is highly committed in effectively providing and managing of the ISMS via following:
Implementation of ISMS according to standard compliance and it is in line with the mission and vision of the University;
Compliance with the requirements of the organization and legislation and related regulations;
Develop ISMS objectives and targets based on the monitored security objectives;
Commitment to meet the needs related to information security; and
Continuous assessment and keep updating of ISMS’s policies, objectives and targets for continuous improvement.
[ISMS policy has been endorsed by the Chairman of the Board of University Directors dated 9 December 2014]
The scopes of the ISMS Certification UPM are identified as follows:
Information Security Management Systems involves the new Undergraduate Students Registration process during Minggu Perkasa Putra.
Information Security Management Systems for the Operational Data Centre for New undergraduate students registration process.
Information Security Management Systems for the operation of the disaster recovery Centre for New undergraduate students registration process.
With the availability of the ISMS at UPM, data management and security levels are more manageable and organized. In addition, the development of procedures, guidelines and Statement of Applicability (SOA) on ISMS will help further more systematic way of working. The use of the forms and procedure of the work will facilitate the tracking information at an early stage in case of any untoward incident. Therefore, ISMS has made UPM in a way forward in data management system.
Office of The Deputy Vice Chancellor (Research & Innovation)
Universiti Putra Malaysia
43400 UPM Serdang, Selangor