Norwegian version of this page

Information security for managers

Terms you have to know

The manager responsibilities

Managers must

  • make sure that their employees are familiar with the issues surrounding information security and that they are properly trained in routines and regulations 
  • be able to catch, receive and report discrepanices
  • report significant changes in the processing of personal data or the use of systems or services supporten the activities of their employees
  • assist in annual internal audits and on-site inspections carried out by employees of the IT director's staff

About IT systems

Managers must

  • be aware of what types of data is processed in the IT systems used where you are the manager
  • make sure that local IT is familiar with your IT systems
  • familiarize yourself with the part of LSIS pertaining classification of information
  • be aware of which IT systems contain personal and/or sensitive data
  • make sure that data and documents are only processed in the IT systems meant for processing them. There are to be no data or documents processed in shadow systems that are not properly operated.

About exchanging data

Managers must

  • pay special attention to exchanging of data
  • only use e-mail for documents that are allowed to be sent via e-mail , according to the IT regulations at UiO
  • pay special attention when data is being fetched from IT systems, for example for local work stations or laptops


You must

Published Nov. 30, 2018 10:34 AM - Last modified May 3, 2019 12:07 PM