Information Governance Group

Purpose and Scope

The primary purpose of the Information Governance Group (IGG) is to ensure a consistent information governance strategy across the University.  As part of that the Group exists to facilitate the exchange of knowledge and best practice in the overall management of information within the many disparate parts of the University and to recommend any action or policy which will promote, improve and assure the efficient and safe processing of University data and records.

Key Objectives

  • Provide a focal point for the collaborative resolution and discussion of information management issues.
  • To ensure a collaborative and consistent approach to the implementation of information governance and records management policies throughout the University
  • Identify high risk areas of information processing that require privacy impact assessments, policy review or data sharing agreements and oversee information risks escalating these where necessary. The Group will consult with and take advice from the Information Security Advisory Group as appropriate.
  • Identify the need for staff training and recommend appropriate programmes to increase and promote a consistent and universal awareness of information security, data protection, freedom of information and records management issues across the University.
  • To review and advise on relevant University Records Management and archiving issues including: scanning; records retention; destruction; storage and digital preservation.
  • To review any serious breaches of the General Data Protection Regulation and Freedom of Information (Scotland) Act 2002 or any other performance related issues involving the UK or Scottish Information Commissioners.
  • To promote and encourage electronic records management throughout the University.

Group Membership

The IGG core membership will include:

  • Chair: Deputy Secretary
  • Head of the Data Protection and FOI office
  • University Archivist
  • Director of IT Services
  • Information Security Co-ordinator
  • Head of Development and Integration, IT Services
  • Clerk: Information Compliance and Records Management Specialist

Accountability and Reporting

This is a formal decision making group reporting to the Information Policy and Strategy Committee (IPSC).

Meeting frequency

Bimonthly for the first six months, then quarterly or in extremis.