Approved Terms of Reference of the Information Governance Group PURPOSE To provide oversight of and drive continuous improvement in the University’s arrangements for information governance, ensuring people, policies, procedures, systems, controls and reporting mechanisms are in place to maximise the accuracy, integrity, value, and security of the information held across the University and to evaluate and address risk to this valuable University asset. To provide assurance to the Risk Management Committee of the effectiveness of these arrangements. MEMBERSHIP Convener: Deputy Secretary, Governance and Strategic Planning Members The Group will comprise senior members of staff representing: each College (Arts, Humanities and Social Sciences, Medicine and Veterinary Medicine and Science and Engineering) and Professional Services Groups (Corporate Services Group, Information Services Group and University Secretary’s Group). Members will be nominated by their College/Group Head and will have their authority to drive forward change across their College/Group; Edinburgh Research Office, Information Compliance, and Information Security. Nominees will be expected to attend Group meetings. Each member will have one named deputy to cover for unavoidable absences. A College/Professional Services Group member will be appointed as Deputy Convener. REMIT To approve and promote further development of the University’s over-arching framework for information governance. To review regularly the governance framework, propose priorities for further development and oversee delivery of agreed actions. To determine the routine management information (MI) required of Colleges and Professional Services Groups to assure the Group and other stakeholders of compliance with the governance framework. To consider the routine MI provided by Colleges and Professional Services Groups and consider incidents of information loss and/or security breaches to further enhance the pan-University governance framework. To promulgate and champion the governance framework within their business area, sharing feedback to aid continuous improvement. To undertake an annual review the Group’s Remit and Membership and propose any necessary revisions to reflect progress, respond to organisational changes and/or external factors. REPORTING RELATIONSHIP The Group will formally report to the Risk Management Committee. Through its Convener, the Group will provide the Risk Management Committee with an annual assurance report regarding the University’s arrangements for information governance. Matters of significance e.g., material non-compliance with the framework, arising at meetings during the year will be reported to the next meeting of the Risk Management Committee. MEETINGS The Group will meet as required to fulfil its remit and at least four times per year. Meetings will be timetabled to take account of the schedule for Risk Management Committee. Meetings may be held in person or virtually. With the prior agreement of the Convener, urgent matters may be considered by e-correspondence and decisions formally ratified and minuted at the next meeting. Draft minutes and action logs will be agreed with the Convener and submitted for approval at the next meeting of the Group. Agendas and papers will be issued at least one calendar week in advance of each meeting Secretariat will be provided by Susan Brydon, PA to the Deputy Secretary, Governance and Strategic Planning. Alternative Format If you require this document in an alternative format, such as large print or coloured background, please contact Susan Brydon, Personal Assistant to the Deputy Secretary Governance and Strategic Planning This article was published on 2025-02-06
