- - -

Appendix 5.5

• Procedures related to student records: electronic archiving and record, confidentiality of students-records, procedure to submit student results.

• Access control policy

• ISO (27001) certificate.

• Policy of information security and quality.

• Benchmark KAU IT services with 500 USA universities.

   

 

Appendix 5.5

 Procedures to protect student records

Electronic archiving; confidentiality of student records; procedures to submit results; access levels of results and data; follow up of student academic performance; statistical data for quality assurance centers; regulations to submit, approve and change results.

 Access control policy

 ISO (27001) certificate

 Policy of information, security and quality

 Bench-marking KAU ICT services with 500 US universities

This E-doCUlllent is not approved. To get approved one please contact to IT deanship - Information Security &

Quality Department

Access Control Policy

Document Revision #: 0.1

This E-document is not approved. To get approved one please contact to IT deanship - Information Security &

Quality Department.

King Abdulaziz University

Table of Contents

Issue ControL .......................... Error! Bookmark not defined.

Change Approval ........................ .. Error! Bookmark not defined.

Review and Update .. ... Error! Bookmark not defined.

Policy Structure... ... ... ... 3

1. Purpose ... .. .. ... 3

2. Scope ........................ 3

3. Role and Responsibilities ... ... 3

4. Compliance..... .... .. ..... ................... ...... 4

5. Waiver Criteria ... ... 4

6. Related Policies ... 4

7. Owner................................ 5

8. Policy Statement ... ... 6

Glossary... ... 14

This E-c\ocument is !lot approved. To get approved one please contact to IT deanship - Information Security &

Quality Department.

King Abdulaziz University

Policy Structure 1. Purpose

Access control policy of KAU is to manage logical and physical access only to authorized individuals and devices inside the KAU premises.

2. Scope

This policy applies to KAU and all parties, its affiliated partners, companies or subsidiaries, including data processing and process control systems, that are in possession of or using information and/or facilities owned by KAU.

This policy applies to all staff/ users that are directly or indirectly employed by KAU, subsidiaries or any entity conducting work on behalf of KAU that involves the use of information assets owned by KAU.

3. Role and Responsibilities

Based on KAU's Organizational Structure, the following is a list of roles and their associated responsibilities towards this policy.

1. IT Dean ' Role

• Enforce security policies within KAU environment to protect critical business information assets and software.

• Ensure that security policies are compliant with KAU legal and contractual requirement.

• Approve the use of all information systems used to process, store, or print sensitive information.

• Approve the new or modifications of existing security policies.

2. IT Deanship Role

• Distribute information security documents so that those who need such documents have copies or can readily locate the documents via an intranet site.

• Ensure the protection of information/infrastructure systems, according to the technological mechanisms defined by the system / application design team.

• Perform system/application/network security monitoring.

3. Information Security Department Role

This E-document is not approved. To get approved one please contact to IT deanship - Information Security &

Quality Department.

King Abdulaziz University fi;-J\ ¥ clW\

;i,u~

• Define and maintain the information security policies.

• Prepare and periodically updates information security manuals needed to advance information security at KAU.

• Implement appropriate controls to protect the confidentiality, integrity and authenticity of sensitive information.

4. User Role

• Adhere to security policies, guidelines and procedures pertaining to the protection of sensitive data.

• Report actual or suspected vulnerabilities in the confidentiality, integrity or availability of sensitive data to Information Security Manager

• Use the information only for the purpose intended by KAU .

4. Compliance

Compliance with this policy is mandatory and KAU division managers must ensure continuous compliance monitoring within their divisions. Compliance with the statements of this policy is a matter of periodic review by Information Security Manager and any violation of the policy will result in corrective action by the Information Security Committee with cooperation with relevant security entities. Disciplinary action will be consistent with the severity of the incident, as determined by an investigation, and may include, but not be limited to:

• Loss of access privileges to information assets.

• Actions like Financial/monetary penalty, termination of the employee or downgrading from the existing position as deemed appropriate by IT Dean, Administration Department, and the Legal Division

5. Waiver Criteria

This policy is intended to address information security requirements. If needed, waivers could be formally submitted to the Information Security Department, including justification and benefits attributed to the waiver, and must be approved by KAU Information Security Steering Committee.

The policy waiver period have maximum period of one year, and can be reassessed and re-approved, if necessary for maximum three consecutive terms. No policy should be provided waiver for more than three consecutive terms.

6. Related Policies

• Compliance Policy.

This E-document is not: approved. To get approved one please contact to IT deanship - Information Security &

Quality Department.

King Abdulaziz University

• Information Security Policy.

• Communications and Operations Management Policy.

• Personnel Security Policy.

• Physical and Environmental Security Policy.

7. Owner

• Information Security Manager.

This E-c1ocument is not approved. To get approved one please contact to IT deanship -Information Security &.

Quality Department.

King Abdulaziz University

8. Policy Statement

KAU access control rules and rights for each user or group of users shall be clearly stated in an access control policy. Both types of access controls logical and physical shall be considered together for optimum security implementation.

1. Information Access

Policy Objective Control access to information [A.11.1.]

Policy Statement

~ Access to information shall be controlled on the basis of business and security requirements, as well as the access control rules defined for each information system. These rules shall take into account the following:

• Security requirements of the business application(s).

• An identified business requirement for the user to have access to the information or business process ('need to know' principle).

• All access is denied unless specifically approved under

i

the provisions of this policy.

I

• Legal and/or contractual obligation to restrict or protect access to information systems.

• Definition of user access profiles and management of

I

user access rights throughout KAU's IT infrastructure.

I

~ Access for contractors, consultants, or vendor personnel to KAU's critical business information assets shall be provided only on the basis of a contractual agreement. This agreement will i

'd I

proVI e: '

• The terms and conditions under which access is provided.

•

The responsibilities of the contractors, consultants or vendor personnel.

j

• Agreement by the contractors, consultants or vendor personnel to abide KAU's Iinformation Security Policy and Supplementary Information Security Policies.

~ Access Control shall be implemented by defining group profiles with specific access privileges. Individual users shall not be assigned specific access but they will be provided access by means of membership into pre-defined user groups.

~

Access to information assets shall be immediately revoked upon i role change, resignation or termination of service.

· ,

~

^yJI Obi,"}.J

~

^.Jfil

~LbH

wb.i:i..IIA.J wUL

~ ~.J

^-:

~

^.Jfi'11

~.J

^{YI ­}

~ .J~ ~ J~I.J ~4JIu.J J)L;.

0.a

~\.hll

uL.

~ t)Lb'11 UJ' 0;';' .,11 ..illiS .J.~4J1 ~I.Jj J~ ~ ~I ~)j)'l.J ~j\sYI wl).;iII.J ~~Ll.lI .(jb~

f)';';"'~ ojh,.., w~~.J wl.Jj.,,: ~~..illj.)c t)\.b'11

0.a

4WI o)j)l\ ~

su

J..foll ~lhll w)4...1:..b.. ~1

•

: .)l:ill ~\ ~ J_l~.:;oJ\J wl..9.LJ\ 0-0 jok. ~ ~\..h)\ wLa~ ~jj

jly,JIJ (-'""''11 ~ ~ ~IJ ~WI wl:J\.bJ '-;-l)\.bJ 42' 0':" .~,)IJ ~j4lc-'11 wu4:J1 ~­

.~Ijlll JkAll J 'Oj~1 t~J ~IJ

~ w~.J~1 w."..:;&J ~I.J~I JJ\~I J..,...:;,:j ~IJ ~\.b ~ ~jt5.\11 wu4:J1 ~­

.J=..\yJI

~WI ^w41$ ~~^{lY'.Jj j} ~I ~I.J~I wl.JjiJI JI jlyJl ~~ ~~­

.A.'~".'\.J~I 4hly ~

~ ^jA ~ 'OkAll J ~WI wl:J\.bJ '-;-l)lb~.JA;l (~.,iJI ~1.J~I.hkJ1 ~­

.~4J1

w4lS)

('Wi .jl yJl o~ jtS.... J ok. yo ~~ jJ~ ~W~ -.J-'.JjJ .,iJ1 ~I jl yJ\ ~ ­

.

.:il.i~I~ :j4.!.,.b .fiyJ~ ~b 4j.;6 ~ ~ ~ ~

(Tablets)

w~

.)c

~ j~

. 4-a-':1

~

·;~...

, f ' _ . ...:, . • ,

"!.-;" .0;.

~- ~. 'f"'T

~.JI.bJ'r'I.;.1l1 W~~0.:r

..

.. ~.~~~~~

~..,.wlJ.-.. ~

~....-.lll~(....lJl.

i "-..-1 ."I -...JJ1 ....l! ";.. .e

1 • - • ..,...,­

, . ~t;j: 'l,f,iltl,~' ~~:~i:~'if.:(~X~'-;'-:' '? .,

..lJ;ll) 6A1~JI

~.

. (records

·~ ,~ 'b...i.ll ~ J

;LJi

..

0---:!...rb us=- ~..J.llI1 4 ;:.L=.I ~

J-a

ufo)' \ ~..rb ~ ~lJ.:J\ ~y. ~I i~ ­

~\ ~\~\ A ?/,., ~.llUJ JG...~! ~.bi; o~WI ~~'i ~~ ~J

(ODUS) rlhi .b.9.9

~J~

~~i ;:.lbc.! ~

<UJ'

~

!.A, ..\Luc.1

~~

<U ...jill_J

~I .AJ ~! ~j~ ~, ­ ,

'~)'

-1.a::J1

".1,

i.b.

~

\

~I

Jh ,

j .

i

'0

-1.a::J1

~~ o~WI

~J , J , (,..r: '-? i.?,sp y , _

. J!~I ~)\...a ~I

j...-Sy

~! 4.Jj\.p. ji:WJ ~I

J::SJ

^{~ J-a} \.A. ..\Luc.1 ~ ~I ~J jA ~..\Luc.1 A,l ­

."0 y:.~ ~lc"kJ1 4J",;;',

,

~

^..>.u

~I

^L1SJJ

~I ~..J

^{4j9IJAJ o..)W\}

jG..J ~~ 'lJ ~ ^'1 ~m

^.h.:l

L1~ (ji ­

.~..,lhJ\ J:~\

Y\.»'i

~~ ~\J J~\ o..)~~..J ~\..b.

~, o..)~~ wt.:,~'l\ o)..)l ~ ~ ~i ~ ~ ~tu1\

^.l..a..J

L.r.a Y~'l\

.h.:l ­

. ~\J L.r.a~1 wlb~\ ~ ~ ~~ ~L.:.. tJ~

f --11·· .

.

^~~~~

.(Data Set)

~~I c::-"\y c!JA ~ ~y-

o~~19 ,-,Lo~1 v-<>I 0;1:.1 - ,-,Lo~1 ~ o~Lo.r.

300·Pol·OS : ."..)1

Deanship of Information Technology - Information Security Management 8t Quality 1 1 . ).>..0)11

upJJI.b,....D

Access Control

JI....1 .\

~ ~..lWIJ .jhW1 Jp.ol!l 'OJ..l) .)! (~L;JI) j!jaJl

*'

^{-ill.J1 ~~ ~\iJ1 J~\ ~ L~} ..,r"Y

~WI . J:;..I..l I. . . -.11 • . ~I . '.~ -II L:...:;.~I 1- J . ol!l

u..c ... . ­

• . ~ -e-:' c:~ ~ J \.J:!'""'y- cY" IJ'"' Y. _ ~

JL..i.Il .r

~l:ill "::"'1.Sy::J1 JI ,~I.Sy::J1 ~m ~ ~ ~1...i1..;b~1 ~I.S ~J ,~jaJl

*'

^{-ill.J1 ~4- ~L4-J1 .~ ~}

1.".CI . ..l _~.JA.J .. ..::..."J .•.

J_

~ ^J il J ..::...L...L-Y"-" f' ~ J i, <..s-1- ~ ~- -<..r'.' . ~II..::...uL...lI~-\.:.; . ~J "::"'UWIWl.o...-\.:.; '" . ~<..s-1-J ,1.1'-e-'

~~

JI ,~4JI .sol! oy:.4-0 o.J:!C- JI .y:.4-0 o.)~ U~

l.&ll

~~I l~yJ'l ~I.S ~ L4-J1 .~ '-,?y.ijJ 1.1 ~l:ill ~'L...L -II J ~I I~I' ..' ~WI ,'..::. ~L.i 1- iW:i... .d'; L_ ~i i 1.1 ~l:ill ..::...1--11

.'-e-' . _ . r - ' ~ f' ~ ...- .• UA'" • . f'~""'" _ J '-e-'. ~

.:.iY.l~19 J9~1

.f'

:L4-J1

.41

~..rJ1 ..::...41~IJ .)IJ..l'J~ ~\.!.):! ~ ..l.)~ , ~~ ~I ~I ~ ~~

o.)\J'i1 .).JJ • \

. J-.ll4.;~1 ~1y,lIJ ~1..~1 J."..-o~1 4.;W ~4J1 ~~4.;WI uL...~ J.,.W:i~..l •

.~~4.;.l!lLilIJ ^{~.,;WI u~1}t'" 4.;WI uL...~ ~Iji U~ •

L~I..::...L.. .L.II ~\..J:, 1 .... Wl.o... .J t..~1 ..::...L.. .L.II _\.:.; ~I.S I~I I-:WI ..II •

. . r - ' . J U:!..PWJ . . . . . r - ' ~ f' <..s- Y"

.4.:lWI uL...4-J1 ~

fi:i

~I u~1 ~ Ji •.l,!~1 uL...4-J1 ~:WI."JI •

~LA~\ AJiii OJ~ .).JJ."

. I.;.C .~ 1,1.;- · . 1-1 •.II.\b.J ~\I ..:.I--'\~~,uL..·L _I I ~~ "\j " .

0'" ~ J _ c--' IJ'"' '1t:!". C ... ~ . . . r - ' . L.}' J tj.)Y

.~l ol!I ~I ..)c

e;!Y'

^y,c

4*

J."...,...,JI ..:.lbb:ill 1- \.:. ;\1 - - •• lA..l.b. ';\1 ~I uW::U U! ;i..,:i~:i.H WI I..::...L.. .L -II • \.:.; ~~ . ~ •

. .. ~ ~1Y...r ' - . r . • J . . . . r - ' r - . U

.~I /w~1 /~I ~L..,. ~I..>" •

~LA~I

UAi

o.)IJ! .).JJ ."

..::...1..WS.l1 _.. .~..::..u~ ,~WI _{_ J . ...} ..J..::...L..·L ·'1 _{r - '} ~~ _.

.s

^{~ y.~')} • . '._"' t.. ')lJ1 uL.. .L -II . r - ' . ~~..::...Lu:;5; .. ..l1..lc.1.

•

. '-,?.)J..l ~

.~IwL..~I ~iJ t..~J 4.;.>'" 4.;W ~~I ~I~I ~ •

Pagel 300-Pol-05-V1.l 2/11/2012

_ 01

o:.~19 ,-,loglaoJl ...,i 0JI:.I - ,-,l..oglaoJl ~o;,1..a..c 300-po/-OS : ).<»/

Deanship of Information Technology - Information Security 8. Quality Management 1 .1: )J..Oill

u

V.lJ I .b.,..D

Access Control

•

•

.0

1.;=i11l1

^.f.

..s.l.o ~\:i.o j!y..ll ¥- .illJ1 ~4-! ~I - wi J.lil I - wl.e.lbJ.l1 :i.!lS ~J '\,1""1)) ~yl o~ ~I .Ji»y , .::..L..~I ^{L>o'i .):!.l.o} ~^L>o ~.JJ.l!1 ~IyJl ~L:.. ^4...-WI ~4-.l1 ~1'1 jil)ll ufi.:.J .!'+'"Ui lJAW:> ~1'1 jil)ll

~I_- wl.- II _{~ tA ~.} ~,',~IL..::...L.. _{.Y-' _} -'- .11 4...W:i o..lLu.. wL..· L .11 ' . . Y - ' LJA i W • I' _ wUC ' ~WI - 0·,·1>n.~'1 -'t-'~... '-i i ~ , ' -

u

Y"J

~I ~..lWI "::"'1~I~ill ..sj1...A ufi.:.J .~ wl~I~) jL:...~ ~~)l1 .::..b ~~I "::"'~I ji ~L;J~

:~I )I ,Jt>,.J1 ~ ~ ,'::"I~I~ill 0.lA. ~J ."::"'~I o..l~ ':i~1 ~)lI..sJi-tA W)U..

,~'L..~I J~~I.)) J.,....l!1 '::"lj4J...o1 ~ •

• )..lil l olji ':i~I..sji...a.JI.)) ~yl olji....o J!jl:i J'i ,...a.l:,yJl4...-.b..lie ~~) JI ~ufo..lS .::..I~I.;.,. •

.4J.1o ~yUlI r-..ilIJ ~y!:,J1 ..l)yJIJ

1- J. --II.::..l..IihJ ..li:iJ1 '.( .. ,~WI,ljc. ..::...L...L .11 ~b ..::...Wh:i..

t '

Wt.a... II ~WI Ij", L ...." ,

<.S"'"' ~ " I' ~ . J . . Y - ' _ . ~yo. IJ". _ ---.­

~ ,4,.jc ~ ..l! .,;JI YIj.JIJ ,~I..ti:i....)l1 dt...,... ~ji tA ,wL..~1 L>ol .)..l) .)) ,~.J • .J~ ,.::..I~lti:i....1

.::..L...L .11 4...W:i •..lLu...::..L...'- .11 ' I W , 1 • .1_ ~I··II - 'i

, . Y - ' . . , . Y - ' LJA • LJA ~ . r ' r':l u

...s.fti •.>" O..lL..:ic.I _J ~I.>" 'O..ll.e.) ~ ui ~I L>oJ ,~I ~ .boIJ I'I.e. •..l...l '~4-J1 L>o ~1..ti:i...)l1 .ji! ^.lJAj ':ii u~ ~1..ti:i...1 ~ ~ )I

u

ⁱ ~ .~I ~ ~I..U. '::"Iji! G)liJ ~1..ti:i....)l1 ~ ~ 4..1!lyJl ~ •.JJ~I ,ljc. J ,~I..U. '::"1 ji! r ~ .l:!ji • ..l...l ~4--

;U1lAl1.:.aIl.:.alauY.aaJ1 .'\

I'ljil)ll ~y... • wL..~I~b~y... • ..::...4l-JI _J .::..)l1..-:i)l1 .)..l) ~y... • 0.!il:.yJI ~b ~y... •

~IJ ~..lWI ~k.J1 ~4--

•

~1011

.V

300-Pol-OS-Vl.l 2/11/2012

. €JJ

<>.)~19 ... It.~1 ...,..,i 0; 1.>1 - ,-,1o~1 ""'-<.AJ o,)~

300·Pol·OS . y» 1

Deanship of Inform ation Technology - Information Security & Quality Management 1 1: J I..l.oO '.I1

..JV.1JI~

Access Control

..:...4J,.b:i.o ~Iji ~ ~J .~..:...t....,L...JI ~) J~.lll ~ ufo Ul _{~ uL..~1}

u-I!

^J.ja.lll ~ .~ ~J...:...t....,L...JI ~00 ('Lhi ~ ~L:JI J~.lll ~1.,9J ~lA.:JIJ J,...JI IA.lUI

:.J4ic';/1 ~ ~t... hl:i Ul ~I..,ill

,J,...JI ..:...~ /~ ~lA.:J4 ~I..:...Ij ..:...~II •

..:...t...~I~) J~.ill ('~llS.ll ,J,...J4 ~..:...b ,o..l~ 46. ..l~J • ,(^~ ~ .- . n A...:..I..:JI, i.ll.J , t.i!J ) J,...JI":"'l..lk _ _Ji .~ ('tbl '-:-"i'-.JA! ~ ~lyJI ~ ~ t... J~.lll tl.".;i ~LS ~ ~ •

4...4--JI - \:", II J ' .lll ~t....:.. 1.llJii1 ~.lit..:i.ll I / :i....i 'lill ..:...t...1 '.':1,;/1 •

r--...r. y. - J _, _ J J "y Y'

...:...t...~1

~ 0:!-0~1 J~..l

..5"s..:...

^.)..l)J '0:!-0~1 J~ ..:...lil.. '--A:yU • .~4J4 ..:...t...~1 ~ ~I ~I ..l1~1

J."....~I ~) 0.!..l.JyJIJ 0±!).•:::i...';/IJ iJ:!lJliJl ~Li.l1 lJ:!ibyJI J~..l.! ~ ';/

«,

:~ t... ~I..i:i';/I .~ . ) .,r1.J:lJ I~ . ~I..i:il '-:-"i'-.JA! ';/) ~4J4:i...4JI ~"\..o~1

' .lll.J Lc..JI \.A~" ~II tb''I ..b ,'.11

,J Y. , C ' r.I:l ' " (' ~ J J..r- •

.L.0.JyJI J u:!:ul..!.:i....';/ I J iJ:!lJu.JI ..,ib".. ..:...4\.".;... • 4...~ ('Ijil';/I ~ l>.!3.JyJI JI 0±!.JI..!.:i....';/IJ iJ:!lJu.JI ~".. ~I".. •

, .~4J4 ~I ~lA.:JI ..:...L..4--J ,..:...t...~I

:i..:t....:..

Group) ~ ..:...lc~ ":"'1..lI~)..l,!~ y,c- J~.lll .h,>1."... ~ ~ or;{

lJ:!.4~1 ~ ~ ';/

u

^l ~J ....l~ J~..l ":"'lj4J..o4 ¥ji (Profiles

J~ 00 J~.lll 00 ~ ~lh

uc

t...:.JC- ~ ~,~ J~..ll>.!:l..l.,;ill ti... .~..:...lc. . , ~- '--II , . .JA=!"A~ -~

/ J ..:...t....,L...J! ~ ~) l>.!:ljl..!.:i....';/IJ iJ:!lJu.JIJ lJ:!ibyJI J~..l

..5P

~ ~ or;{

JI ~Ui...';/I ~6. .) JI 'M-! ..bWI .JJ.llI ~ ):!:!i:i -il wJ.l=o. j.,,9 ..:...t...b...\1 JI ,:i...~I~~!

I I

I

~~I.,;,,-

.J."....~I ~ ('~I ":"'I~I"»!J J~..l ~ ~J ~ji ~ ^or;{

":"'I~I..») 00 ~~ ~~';/I ~ J~.lll ~ ~.J ('~-i^l ~ ~u l ~';/ ^<;{

, ~pl .>a~J ' •..l,!~ ('~ :i..:~ ..:...t...~1 ~ ..r'~ 00 ('~ JS.l ~ ^<;{

,~4Jl ~" ..i"\..o~1 J."....~I~! J~.ll4 0)..l),1 JI Jw:.~1 I.!llL. ~00

' ~I

L»" ~t...i j..lLW ,.

w

J ^{p I} 00

w.,;b

-il ..:wJ '0:!-0~ ~ ^{';/ or;{}

~~I u"..~1

J.wJ.

~I..:JI .~ ~ .)J ,~ l.o:!9 ^{.JJyJl ~WSJ}

. ~ ~I ('~I

..5"s..:...

J~00 ..:...:; ...;II ('\.hill ~I ~LS

uc

^0~4-JI

J....~I()ou~1

• .w...31

U:I'" J",;.J u~

,,,,U!WI ~l

t"+I

^(~I

J#.

^J~JlI

w

^J 4.l.jlpJI,J

~ ~l ^{~ (~I}

r

A.I1.2] ul.o,jla...ll

I

300-Pol·OS·V1.1 2/11/2012

_ 01

1i1e:IIIF:/NCAANawards.aspx.hlm

management, eServices and IT infrastructure.

ISO (27001) Ce nificatc Ce rtificate of security information

management system certify that the manage system Of the Information Technology Deanship has been audited and found to be in accordance with the requirements of the I 02700 I :2005 scope of supply Information Security

Management System

Award Academic Learning Site The King Abdul-Aziz University Web

Site obtains a PAN ARAB Prize as a best Academic Learning site and

received the first place in the competition which cooperates with the

Arab Organization for Administrative Development League of Arab States.

Man of the Year Award for Information Technology Man of the Year Award for

Technology been awarded to Dr.

Hussein Khaled, Dean of Information Technology, where he achieved many

of the technical and managerial achievements in the field of management and implementation of

international standards in the Information Technology Department

Abha Award In 2011, The Information Technology Deanship obtains the Abha Awards in the information technology (education electronic website) branch and located

the first place.

Electronic Government Award E-Government Award was awarded to

the University's website as the best Arab Saudi government Website on the network . This award is one of the prizes awarded by Arab Organization for Administrative Development

League of Arab States.

Digital Excellence Award 201 I In 20 I I, the University web site

obtains the Digital Excellence Award prize in the educational sites Branch in the fifth round and received the FIRST

award.

20f3 7131/20122:39 PM

file:lIIF :INCAANawaros.aspx.htm

Location I Site Map Cilreers FAQ Unk to us National E-Government Portal I Web MilSter

© King Abdulilziz University - Deanship of lnformiltion Technology -All RIghts reserved -2012

155

7/31 /20122:39 PM 30n

Print

Page Page 1 of 1

y'jall.l,l<-.ill..ll~

King Abdulaziz University

_iii_

.)<.4 ufo '~I ~J,J.;II ySl.,l , lAyt... e-J ~Jfol)'l '...4J1 ~ ~ ~I y.."J.:i • .ul...'iI J "~I.:4y .~IJ;L..J J.;.i\ ~~IwL...lylIJ4.j.Jfol)'l J)..J1Jwl~YI r+'" •

~'iIJ ~IJ ~Jfol)'l ~I yt... e - J ~...)\..A..J .,WI.)<. ~'il Ji,!l..J1 ~ ~ •

~I,m...ll -,...­

...W..,.

~Jfol')'l ~u... -.J..;. ~~.,..'iI.r)1 y:u..;. .nt.ll • w~J"...,u ~IwL.I..J....I1 "'J .Jijall.l,l<- .ill..ll ~..,.."..;..JI ~Jfol)'l ~'il ~• . .... l~Jfol!

wJ.l>. "'-! w~1 ~t" J.,Wl1.)<. iyli ,wl....,J...JI..;.\ ~..,. ~W4J1 ~Jy.."J.:i • . d....j'il

4F Uoii.-JI J • .La.I1 u--4...lW1 ~IvA i,,,.J1J wl....,J...J1 ..;.\ ~i.>L...J1 ~..;. rl j:ilYI I;" ~J o,t...JI.:J..;.,...:..J..,I"..:...e-UJ~..l.1 ~...a....lll;" ~,4IJ' y.,lJ...J1 .sfo-Jl.)!~.,Ji .lliJYIJ

~IJ ~1lJL...;.l'.A,..'>I..;i; ~liJb! ~Ji.~~! l..A...:..~ , .rL.oJI J-lIJ ~IJY'..fo.

(ISO 27001 : 2005)( Information Security Management System) d...,J...JI..;.I.),! rUo:J ~I wl,..'i ~".>ll ~1~.illiJ(ISO 9001 :2000) (Quality Management System) ~I,')'I i'~1 rUi.lJ

.~b')'l ~IJ '-,iiIjJl A.;i1.;.JIJ ^i'~IJ wl....,J...J1 ..;.\

. I ,~ ~'

, ,

.

^,

King Abdulazlz University Deanship of Information Technology

Table 2: Benchmarking KAU leT Services Compared "

with 500 USA University

No.

65 66 67 68 69 70

~1

~72

73 74 75 76 77 78 79 80 81 82

~~ 3

84 85 86 87 88 89 90 91

Indicator

Spam Protection A

Save files to the network

Scanning services --

­

Security and virus protection ^''-.lr:i'

7

Server provision

/

S8cUtity Management of the server SharePoint

--

I

Software upgrades and enhancements

I Software support - both operating system and agreed other software Virus checking software

Software Licence management

Software Library Management (for remote software distribution) of the server Student Information System (SIS) - Students

_!!"

Student Response System -Clickers

J _

Teacher Evaluations Test Scoring and ScanninQl Video Conferencing

(VPN)Virtuai Private Network

Virus Protection for Students, Faculty and Staff Voice Mail System

Web Data Collection Web Design

Web Evaluation system Web Site Maintenance Web Training

Wireless and Electronic Devices Security Policies Wireless Internet Access

- -

Average Response of 500

USA University

100%

90%

100%­

100%

100%

100%

9B%

96%

97%

100%

100%

91%

BB%

90%

100%

100%

100%

99%

100%

100%

100%

100%

BO%

100%

100%

100%

100%

I

,

KAU

Yes Yes · Yes Yes Yes Yes Yes Yes Yes · Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes

.

92 93

Web publishing support and development Working from home

100%

93%

Yes Yes ^~

, "