Information Security

Bocconi University is committed to establishing, implementing, maintaining and continuously improving an Information Security Management System that is consistent with the University's strategic goals and processes. This system is developed in line with the ISO/IEC 27001 international standard, as well as current GDPR regulations and Legislative Decree 231/2001.

The principles that Bocconi University aims to adhere to through its Information Security Management System include:

• Ensuring the confidentiality of data so that it is available only to the processes and/or resources entitled to use it;
• Ensuring the integrity of information, applications, systems and networks by preventing unauthorized or accidental modifications;
• Ensuring the availability of information according to specific needs, enabling the continuity of processes.

The scope of the Information Security Management System includes the processes and activities managed by the university’s Staff Organizational Units reporting to the Managing Director. These processes and activities include management of the technical-application infrastructure, governance of processes and resources used in administrative activities, and also the conduct of processes to support teaching, learning, research and the third mission.