Overview:

The Department of Information Security comprises three sections that operate integrally to implement the missions assigned to the Department in coordination with the rest of the Vice-Deanship’s departments. This is in order to achieve the objectives of the Vice-Deanship’s operational plan. The Department is concerned with the management, control and policy development of processes related to control and access systems. It also builds, develops and manages all information security, governance and risk management services. In addition, the Department secures the requirements for the work of its sections, and seeks constant follow-up of work and evaluation of its employees’ performance. The Department is divided into the following sections:

Control and Access Systems Section:

The section provides the following services:

• Supervising all branches of the Deanship of Information Technology (Al-Azizya, Al-Abediyah, and Al-Zaher) permanently via cameras to ensure safety of work progress.
• Managing access and exit to and from the offices in the Deanship of Information Technology by documenting the fingerprint or magnetic cards for each individual user.
• Preparing periodic reports regarding the section with respect to assets and problems and submitting them to the Dean and Vice-Dean.

Security Services Section:

The section supervises provision of the following services:

• Protecting and monitoring operating systems, servers, networks, databases, applications, services, e-portals and personal computers, and address their problems through firewall.
• Protecting all of the above by means of anti-viruses, for at least (5,000) five thousand devices.
• Providing VPN for UQU staff upon the need to access UQU network externally, according to approved policies and authorities until the service is provided.
• Following up on the latest developments in information security regarding cyber-attacks, and reporting to the various departments in their respective domains.
• Raising the level of the user’s awareness, whether inside or outside the Deanship, of the best behaviors to achieve optimal information security.
• Proposing policies for giving remote access powers to UQU network and monitoring users of remote access to the network and checking their validity periodically.
• Preparing periodic reports regarding the section with respect to assets and problems and submitting them to the Dean and Vice-Dean.

Governance and Risk Management Section:

The section is assigned to fulfill the following tasks:

• Monitoring and developing the mechanism of work in different sections to ensure stability and effectiveness of productivity.
• Developing the structure of procedures in a manner that ensures trust building between the Deanship and the relevant bodies both inside and outside UQU.
• Checking various practices to avoid certain fraudulent practices that are detrimental to an effective working frequency.
• Proposing appropriate mechanisms to identify, measure and assess potential risks.
• Formulating, verifying the effectiveness of and training for several proposals for the continuity of work during anticipated risks.
• Writing down the old risks and scientific ways to overcome them in order to benefit from them in the future, and developing appropriate mechanisms to raise awareness and reduce risks.
• Communicating with each of the different departments of the Deanship to build a complete vision of business continuity plans.
• Setting standards for technical audits.
• Performing technical audits.
• Evaluating and measuring the effectiveness of services.
• Conducting IT operations such as information security and projects.
• Identifying, measuring and assessing risk.
• Determining the impact of risk and possibility of occurrence.
• Developing and implementing risk management plans.
• Preparing periodic reports regarding the section with respect to assets and problems and submitting them to the Dean and Vice-Dean.