We use cookies to ensure that we give you the best experience on our website. You can change your cookie settings at any time. Otherwise, we'll assume you're OK to continue.

Information Security

Information Security Incidents & Weaknesses Reporting

Why do you need to know about this?

An information security incident is a sudden event causing the accidental or malicious destruction, loss, alteration, unauthorised disclosure of, or access to, information which is Confidential (Personal); Confidential (Commercial) or Secret. An information weakness, is where a threat to the security of this information has been identified, for example as a result of existing systems, services or practices.

You are responsible for reporting any incidents or weaknesses that you become aware of.

What do you need to do?


  • Report any incident, weakness (or potential incident or weakness) immediately
  • Report any loss/theft of a device (e.g. laptop, mobile, USB) if it stores or is used to store or access University information, even if it is your own property
  • Take any action you can to reduce consequential risk


  • Delay reporting – early reporting can often enable the University to take preventative measures
  • Avoid reporting - even if it turns out to be a false alarm we need to know so we can help others avoid the same mistakes

To report an incident or weakness:

Please notify your Head of Department/College/Section at the same time.