Information Governance Committee
Secretary: Kirsty Rothwell, Email: email@example.com
Terms of Reference
- To be accountable for the University’s Information Governance related policies and management arrangements to ensure they are compatible with the strategic direction of the organisation in handling and protecting information throughout its lifecycle.
- To establish and regularly review an information risk register and Information Governance Policies to ensure alignment with information governance priorities within relevant faculty, school or departmental plans and changes within the organization.
- To monitor and oversee compliance with Information Governance Policies across the University, through KPI’s, progress updates and reports from the Information Governance Practitioners Group.
- To receive and consider reports into data loss or data security incidents and where appropriate to undertake or recommend remedial action.
- To receive progress updates on the annual data security accreditation standards such as NHS Data Security and Protection Toolkit (DSPT), Cyber Essentials and PCI DSS.
- To review the IT Acceptable Use Policy and the Information Management Policy annually.
- To take an overview of annual statutory returns including the assurance process and data quality issues, and where appropriate recommend remedial action.
- To provide wider information governance context and challenge to the Data Governance Project within the Data Improvement Programme.
- To review the terms of reference (TOR) at least annually and update them as needed to respond to changes in the organization or to external drivers or requirements.
The Information Governance Committee reports to the Formal Senior Leadership Team, referring matters to Audit Committee as appropriate.
Frequency of Meetings
The Information Governance Committee will meet four times per year.
The quorum for meetings of the Information Governance Committee shall be three members of the Committee and include at least two Directors.