ISMS – Boundaries
The scope of the ISMS implementation defines the organizational units, locations, and systems covered under the certification. Establishing clear boundaries ensures focused implementation and effective management of information security risks.
Kulliyyahs / Divisions Involved
The ISMS implementation encompasses the following key entities:
i. Gombak Campus
- Kulliyyah of Economics and Management Sciences (KENMS)
- Kulliyyah of Information and Communication Technology (KICT)
- Academic Management and Admission Division (AMAD)
These units are critical due to their direct involvement in handling academic data, student information, and examination processes.
ii. Information Technology Division (ITD)
- Gombak Campus
- Kuantan Campus
The ITD plays a central role in managing ICT infrastructure, systems, networks, and cybersecurity operations, making it a core component of the ISMS implementation.
System in Scope
Examination System
The Examination System has been identified as the primary system within the ISMS scope due to its high sensitivity and criticality. This system manages essential processes such as:
- Examination scheduling and coordination
- Student assessment records and results processing
- Secure storage and transmission of examination data
- Access control for authorized academic and administrative personnel
Given the importance of maintaining the confidentiality, integrity, and availability of examination-related information, this system is prioritized for stringent security controls and continuous monitoring under the ISMS framework.