The ICBM IT security concept as PDF document (english only):

Preamble

The complex, heterogeneous structure of the ICBM and UOL places special demands on IT security management. The following measures are taken to meet these demands:

• Recording, consistent monitoring, and effectiveness testing of planned and implemented IT security measures at the ICBM
• Personnel support for the IT security concept by an IT security officer
• The establishment of uniform IT security-related documentation across all working groups (e.g., IT security incident reports, employee training, software inventory lists)
• Creation of a training plan for new and existing employees (this applies to initial training as well as refresher courses)

It is crucial that both the ICBM management and the various working groups, with their different needs and tasks, actively support the IT security concept and its implementation and identify with it and their work.

This also and above all means that a communication process takes place in which the ICBM's IT security officer and the working groups work together to optimally adapt and implement the measures to be taken.

This document is a hybrid document. It serves a high-level overview of IT security in general and in ICBM in particular as well as it contains specific rules to ensure secure IT operations for all users.

Disclaimer

The UOL guidelines for information security are to be applied in full extend:

https://uol.de/uni/amtliche_mitteilungen/datei/?file=AM2019-033_Informationssicherheitleitlinie.pdf&ts=1773874800

Whenever the statements in this document are somewhat in contradiction to the UOL IT security guidelines, the latter oversede this document.