The VUB is in context of good governance committed to ensure the safety and privacy of personal data, the security and confidentiality of non-personal data, and to respect the legal requirements within. The confidentiality (who gets the information?), the integrity (has the information been changed without permission?), the availability (is there data access when required?) and the privacy of information are important in the exercise and support of its core tasks.
The diagram below gives a graphical overview of how IVP is formalized at the VUB.
The Board of Directors manages the IVP Policy (Beleid). This policy defines the “who”, the functions and organization. The Executive Committee manages the IVP Standard (Standaard). This standard defines the “what”, the core objectives which all the VUB-applications and processes must adhere to.
The IVP Standard is the basis for a wide range of underlying Sub-Standards and Guidelines (Sub-Standaarden and Richtlijnen). These determine the “how”, the operational implementation of the standard. Each sub-standard and guideline describes the requirements for its specific segment. The core objectives as defined in the standard are to be used as minimum requirements in case of absence of a sub-standard or guideline. Sub-standards and guidelines are managed by the departments concerned.