1. Principles and Rationale
Background
According to the Royal Decree on Criteria and Procedures for Electronic Government Transactions B.E. 2549 (2006), particularly Sections 5, 7, and 8 issued under the authority of Section 35 of the Electronic Transactions Act B.E. 2544 (2001), government agencies are required to establish a written Information Security Policy and Practices to ensure that operations and services are secure, reliable, and internationally recognized.
Furthermore, based on the Notification of the Electronic Transactions Commission on Guidelines for Information Security Practices in Government Agencies B.E. 2553 (2010), state agencies must maintain a formal written policy regarding information security.
Suratthani Rajabhat University, therefore, has formulated this policy and guidelines to ensure that its information technology systems are managed appropriately, effectively, and securely. The aim is to ensure continuity of service, protect against threats, and comply fully with relevant laws, including preparation for future IT-related legislation, and to prevent issues arising from improper use or malicious threats.
