Information Security Policy
The Nagoya Institute of Technology (NITech) has set forth its basic policy on information asset management in this Information Security Policy for the purposes of invigorating the activities of NITech and its members in today's information society.
The Nagoya Institute of Technology Information Security Policy
Ⅰ. Purpose
In our information-driven society, information travels much faster than ever before, allowing us to have instant access to the information that we need and to communicate our own to every corner of the globe. To stimulate the activities of the Nagoya Institute of Technology (NITech), its staff/faculty members and students (hereinafter, "members of NITech") in this information society, NITech has hereby established this Information Security Policy.
Ⅱ. Basic Philosophy
1. Balance with convenience
As entities open to the public, universities can contribute to the development of learning by providing opportunities for researchers to come together to freely exchange opinions and send out information. For the sake of free inquiry and transmission of knowledge among researchers, such opportunities must be sufficient to ensure the openness and convenience of information.
Meanwhile, for our information society to achieve sound development, it is necessary to assure information security. As such, universities have a social responsibility to undertake appropriate measures in this regard.
NITech will provide guidelines, in the form of this Information Security Policy, that NITech and its members shall follow in order to make appropriate decisions from their respective standpoints when faced with the seemingly contradictory requirements of openness/convenience and security.
2. Flexible operation
Rather than implementing inflexible and detailed restrictions, NITech will develop an environment that encourages each member of NITech to act flexibly using information technology on his/her own responsibility and without being required to bear any irrational or indefinite responsibility.
3. Assurance of information security
Introducing and operating information security equipment cannot alone serve to maintain appropriate levels of information security. Since in the end it is people who ensure the security of information, it is essential that the users of information themselves raise their security awareness and maintain and enhance their skills in order to maintain appropriate levels of information security.
From this perspective, NITech will introduce a system for providing necessary education/training on information security to members of NITech, thereby assuring and improving overall information security.
Ⅲ. Preparation of Relevant Rules and Regulations
To protect and flexibly use information and implement appropriate information security measures, NITech will develop the Nagoya Institute of Technology Basic Regulations on Information Systems, which will stipulate basic matters concerning the organizational structure, operation, management, and education/training for NITech’s information systems, and will prepare related regulations, procedures and other rules (hereinafter, "relevant rules and regulations“).
Ⅳ. Penalty Provisions
NITech may, when it deems necessary, add provisions of use restrictions and penalties to the relevant rules and regulations prepared in accordance with the Information Security Policy, in case any member of NITech violates the relevant rules and regulations.
Enacted: March 8, 2005
Revised: January 6, 2017