IT Security Guideline and Concept
An essential aspect of information security is the protection of data processed on IT systems and in IT applications by means of technical and organizational measures - IT security. The topic of IT security has been firmly anchored at KIT for many years:
IT Security Guideline
The KIT IT Security Guideline (German only) documents the objectives of IT security management and specifies, among other things, the stakeholders entrusted with this topic. It was put into force by the Executive Board on October 01, 2009.
According to the IT Security Guideline, KIT protects its interests and reputation in the public by securing its ability to work, trustworthiness, and reliability. KIT's IT security objectives include:
- ensuring the availability and protecting the integrity of IT systems, programs and data
- handling confidential information, regardless of the way it is stored, in such a way that its confidentiality is ensured at all times
- ensuring the integrity, operability and confidentiality of work results and of project data,
- complying with the relevant laws and other legal obligations, and safeguarding the personal rights of members.
IT Security Concept
The KIT IT Security Concept (German only) serves to implement the security strategy and describes the fifteen basic procedures for achieving the set security goals. The IT security concept is the central document in KIT's IT security process.
Every specific measure in a specific IT security concept of an information network must ultimately be traceable to KIT's IT security concept. An information network can thus relate to specialised tasks, business processes, or organizational areas. It comprises all infrastructural, organizational, personnel, and technical components that serve the fulfillment of tasks in this scope of information processing.