This policy defines the mandatory minimum information security requirements of the university. It encompasses all systems, automated and manual, for which UPLB has administrative responsibility, including systems managed or hosted by third parties on behalf of UPLB. It addresses all information, regardless of the form or format, which is created or used in support of business activities.