You're Invited! Information Security Standards Town Hall

You're Invited! Information Security Standards Town Hall

April 02, 2024

UBC is committed to protecting its confidential data and information systems. As part of this commitment, we have established Information Security Standards that govern how everyone at UBC uses and safeguards university data and computing resources.

The Standards are living documents periodically reviewed to adapt to evolving technologies, security risks, and user expectations. The Information Security Standards Working Group (ISSWG) has proposed revisions to several standards.

Come Join Us!

We invite you to learn more about the proposed revisions to the Information Security Standards and have your questions answered by members of the ISSWG.

For convenience, we have scheduled two identical sessions on two separate dates. Please register for the single session that is most convenient for you.

Option 1:

Date: Wednesday, April 17, 2024

Time: 10:00 am – 11:00 am

Link to Register:


Option 2:

Date: Thursday, April 25, 2024

Time: 1:00 pm – 2:00 pm

Link to Register:


What are the Information Security Standards and Why are They Important?

The Information Security Standards were implemented to protect UBC data from unauthorized access, ensure it is always available and accurate, and to comply with data protection laws. The Standards were created based on best practices from various organizations and consider UBC's specific IT infrastructure and risk management needs. They are reviewed and updated periodically to reflect evolving technologies and user feedback.

They apply to almost all UBC electronic systems and information used for university business purposes.


What are the Proposed Revisions Based on the Review?

The ISSWG has proposed revisions to several standards, including:

  • U1: Security Classification of UBC Electronic Information
    • Aims to establish a clearer system for classifying electronic services based on risk.
    • Defines clear roles and responsibilities for managing information security risks.
    • Addresses the need for regular Security Threat and Risk Assessments (STRAs).
  • U3: Transmission and Sharing of UBC Electronic Information
    • Updates guidance to reflect recent changes to the Freedom of Information and Protection of Privacy Act (FIPPA).
  • U9: Outsourcing and Service Provider Management
    • Updates guidance to reflect recent changes to FIPPA concerning data storage location.
  • U10: Accessing Electronic Accounts of Other Users
    • Modification to Criteria for Access to UBC Electronic Information without Consent
  • Glossary
    • Revised definitions of UBC Systems, UBC Electronic Services, and Constituents

We encourage everyone to attend this important event. Your participation is valuable in ensuring the Information Security Standards remain effective in protecting UBC's data and information systems.

We look forward to seeing you!