Policy to ensure that information held in university systems and services is appropriately secured to protect against the possible consequences of breaches of confidentiality, failures of integrity or interruptions to the availability of that information.