2. Objectives
Suratthani Rajabhat University sets forth this Information Security Policy and Practices with the following objectives:
2.1 To establish security standards for the use of the university’s IT and communication systems in compliance with relevant laws and regulations.
2.2 To ensure trust in the security and efficiency of the university’s IT systems and communication operations.
2.3 To disseminate the policy and practices to executives, faculty, staff, and students so that they understand, appreciate, and strictly follow them.
2.4 To create a systematic process for regular audit and risk assessment of information and IT systems at least once per year.
2.5 The President, as the Chief Executive Officer (CEO) of the university, is accountable for any risks, damages, or harms to the university or individuals arising from system failures, negligence, or violation of this policy.
2.6 This policy must be reviewed, audited, and updated at least annually or whenever significant changes occur.
3. Policy Goals
The goals of this policy are:
3.1 To promote and support information security in line with the university’s mission and policies.
3.2 To govern IT operations to ensure systems are accurate, complete, and available.
3.3 To raise awareness and understanding among all stakeholders, both internal and external.
3.4 To monitor, assess, and revise the information security policy and practices in response to changing circumstances.
4. Components of the Policy
This Information Security Policy and Practices is structured to align with the university’s strategic approach to information security, comprising:
Definitions
Part 1: Information Access Control Policy
- Information access control within the university
- User access management
- User responsibilities
- Network access control
- Use of the Internet
- Server management
- Electronic mail usage and control
- Operating system access control
- Server access control
- Public computer access control
- Application and information system access control
- Traffic log management
- System administrator responsibilities
- Use of social networks
- Physical and environmental security
Part 2: Backup and Recovery Policy
Part 3: Verification and Information Risk Assessment Policy
Part 4: Information Security Awareness Policy
Each section includes objectives, standards, guidelines, and procedures that collectively ensure the university’s IT infrastructure remains secure and resilient. Compliance with this policy is mandatory for all staff, system users, and external agencies that interact with the university’s IT systems.