Explore UCD

UCD Home >

Policies & Guidelines

The University has established principles, policies, standards, guidelines, and procedures to safeguard IT systems, protect the privacy of students and staff, and comply with contractual requirements and legislation. These must be followed at all times.

UCD Enterprise Architecture Principles

(opens in a new window)Enterprise Architecture Principles

A set of UCD Enterprise Architecture Principles have been approved by the UMT to inform, guide and govern the design and deployment of applications and technologies across the University.  

Alignment with these principles is a requirement for all initiatives, from local solutions in individual schools and units, to centrally-managed enterprise platforms deployments.  

Also see Enterprise Architecture, for how EA supports IT solution decision making within IT Services and across the University.

UCD IT Policies

(opens in a new window)Password Protection Policy


This policy sets out University standards for the creation of strong passwords, the frequency of change and reuse of those passwords, and the protection of those passwords

Device Protection Policy


The purpose of this policy is to safeguard Personal Data and Confidential University Information from being exposed to threats through the use of unprotected and unsecured devices. This policy seeks to reduce the risk of an information security related incident from a device being lost, stolen, used or exploited in such a way to take unauthorised advantage of Personal Data or Confidential University Information.

Acceptable Use Policy


The purpose of this Policy is to provide all those who use the University’s IT Resources with clear guidance on the acceptable, safe, respectful and legal way in which they can use the University’s IT Resources. This Policy is designed to ensure that the University can offer the widest possible range of IT systems and network resources to UCD’s community in a way that is compliant with data security and data protection and is not intended to limit use of the University's information services

(opens in a new window)Payment Card Security Policy

This policy deals with the acceptable use and the controls required for receiving, processing and storing information in respect of all card receipts accepted and refunds made by the University.

(opens in a new window)Data Access Request

This policy sets out how the University responds to exceptional requests outside of standard business practices, to authorise a person or party access to “Data” held in any University supported IT service or University owned device, whether it is provided directly by a University unit or is managed by a third party on behalf of the University.

IT Standards

UCD IT Services Standards for generation of UCD Email addresses

This document is an outline of how UCD email addresses are generated and what the process is to request a change to an email address.

Remote Access Standards

Standards for remote access to the University’s IT Resources.

(opens in a new window)Third Party Application Integration Policy

The purpose of this Third Party Application Integration policy is to provide clear guidance on factors that must be addressed if an integration of a Third Party Application with an existing UCD IT System is to be considered. The policy also outlines the principles that will guide the decision-making and approval processes.

 IT Guidelines

Digital Solutions Deployment Guide

Steps to take when Buying, Developing, or Deploying a new digital solution in UCD.

Cloud Computing Guidance


Before considering a cloud computing service or engaging a cloud service provider, you should be satisfied with the reputation of the cloud provider and that their security standards are sufficient and appropriate.

(opens in a new window)IT Security Review Process

(Request Access)


The purpose of this document is to define the IT Security Review Process to clarify when a review is needed, how it is undertaken and who needs to be involved.

(opens in a new window)Device Security Guidelines

How to protect your Laptop and Desktop

Encryption Guidelines

Device Encryption, Secure Network Access, and File Level Encryption

Information Protection Guidelines

Strong Passwords, Phishing, Protecting your Data, Top Security Tips

Website Protection Guidelines

The purpose of this guide is to help Website administrators to secure their website and develop a response plan to deal with a website hacking or malware incident.

IT Procedures

IT Services Change Control Process

The IT Services Technical Design Authority reviews and approves proposed changes based on an assessment of technical solution , security, risks, architectural alignment, and support.     

(opens in a new window)Request for Change Template *

(opens in a new window)System Descriptor Template *

*IT Services access only

IT Account and Service Access Procedures

IT Account (and the services thereof) eligibility

Also see  (opens in a new window)IT Services entitlements (Service Entitlement Matrix)

IT Security Incident Response Procedure

This purpose of the procedure is to define the roles, responsibilities and the process for the investigation and response to IT security incidents

Personal Data incident and Breach Management

Response procedures to manage accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.

(opens in a new window)UCD IT Security Policy Framework

The purpose of this document is to focus on the IT Security related policies, to align the policies, procedures and guidelines that are needed to govern IT Security in University College Dublin. The Framework is  reviewed and updated on a regular basis or as required by Legal, Regulatory, technical, or administrational needs.  

(opens in a new window)Network Registration Procedure

How to Register your device on the UCD network

UCD IT Services

Computer Centre, University College Dublin, Belfield, Dublin 4, Ireland.

Contact us via the UCD IT Support Hub: www.ucd.ie/ithelp