You are here

About the Information Security Office

The Information Security Office (ISO) is responsible for the privacy and security of the Institute’s information resources.

The goals of the ISO are:

  • Provide useful resources and information security training materials to aid the Wentworth community in improving data and computer security practices.
  • Develop and implement information security initiatives based on risks to make the best use of the resources available
  • Provide the Wentworth community with effective leadership in information security and privacy, as well as regulatory and industry standards compliance.

To achieve these goals, the ISO develops an information security strategy that is based on four principles. These principles form the four service domains offered by the ISO.

Information Security Risk Management

Basing an information security strategy on risks ensures that the strategy is focused on the actual threats and vulnerabilities that are most prevalent and significant to the Institute. This approach allows for a program that makes the most efficient and effective use of resources.

Incident & Contingency Planning

Although most attempts are made to identify and address all potential risks, the ever-changing threat landscape will guarantee the potential for a new weakness, unidentified risk, or an uncontrollable event, such as a natural disaster, may circumvent the Institute’s countermeasures. Therefore, it is vital that the Institute be prepared for handling and responding to incidents of varying severity.

Information Security Governance

The ISO will work with representatives throughout the Institute to formulate the strategy that will influence and audit the information security policies and procedures that will form the foundation and guiding principles for the controls and countermeasures chosen to address the information security risks that threaten the security and privacy of the Institute’s data and information systems.

Information Security Education & Training

All the planning, policies, governance and technical tools available to the mitigate risks cannot provide a completely successful information security strategy without the proper training and awareness. Keeping up-to-date with the materials that will be continually developed, distributed, and updated, will enable all members of the Wentworth community to be a vital participant in ensuring the effectiveness of the information security plan.

Contact Us

General Inquiries

Report an Incident

Follow us on Twitter.

@InfoSec_WIT – InfoSec at Wentworth

@DTSatWIT – DTS at Wentworth