Information Security and Data Protection

The department is dedicated to the protection of personal data and the secure processing and storage of information. It supports research, teaching, and administration by providing advice, training, and developing technical and organizational measures. The aim is to implement legal requirements—in particular the GDPR—and to ensure a high level of information security within the university.

Goals

• Ensuring compliance with legal regulations
• Protection of personal data
• Raising awareness and training university staff in the responsible handling of data
• Advice and support

Responsibilities

• Cooperation and coordination with data protection officers
• Information security
  • Strategic planning and development of concepts, standards, and guidelines for information security at ABU
  • Identification of all security-relevant processes
  • Establishment of a management system for information security
  • Conducting information security risk analyses
  • Management of security incidents
  • Planning and implementation of awareness measures
  • Conducting and supporting audits
• Data protection
  • Definition of data protection processes and guidelines
  • Conducting data protection impact assessments
  • Maintaining the ABU's processing directory
  • Data protection support for projects in the context of digitization (privacy by design)
  • Reviewing and drafting contracts in the context of data protection