Cyber Security
STANDARD OPERATIONS PROCEDURE (SOP)
Cybersecurity:
A. Incident Response:
Detection: Any suspected security incident (e.g., phishing email, malware detection, unauthorized access) must be immediately reported to the Cybersecurity Analyst via the designated reporting channels (email, phone, ticketing system).
Initial Response: The Cybersecurity Analyst follows the incident response plan, prioritizing containment and minimizing further damage. Initial actions may include isolating affected systems, blocking malicious traffic, and preserving evidence.
Investigation: A full investigation is conducted to determine the incident’s root cause, scope, and impact. This may involve collaborating with other ICT units and external forensic experts.
Remediation: Necessary steps are taken to eliminate the vulnerability and restore the affected systems to a secure state.
Recovery: Systems and data are restored to their pre-incident state.
Post-Incident Activity: A post-incident report is compiled, documenting the incident details, root cause, remediation steps, and lessons learned. This report is reviewed by the unit head and shared with relevant stakeholders.
Escalation: Any critical incidents (those posing significant risk or requiring extensive resources) are escalated to the unit head and the appropriate university leadership.
B. Vulnerability Management:
Vulnerability Scanning: Regular vulnerability scans of university systems are performed by the IT Security Specialist using automated tools.
Assessment and Prioritization: Identified vulnerabilities are assessed based on their severity and potential impact.
Remediation: Remediation actions (e.g., patching, configuration changes, security controls) are implemented by the IT Security Specialist or other relevant teams.
Verification: Remediation efforts are verified to ensure vulnerabilities are effectively addressed.
Reporting: Vulnerability scan results and remediation progress are reported to the unit head on a regular basis.
C. Security Awareness Training:
Program Development: The Security Awareness Trainer develops and delivers regular training programs on cybersecurity best practices (phishing awareness, password management, data security). Training programs should be tailored to different user groups (faculty, staff, students).
Training Delivery: Training is delivered through various methods (online modules, workshops, presentations).
Evaluation: Training effectiveness is evaluated through assessments, phishing simulations, and post-training surveys.
Updates: Training materials are regularly updated to address new threats and vulnerabilities.
Multimedia
Standard Operating Procedures (SOP) for the Multimedia Unit
This document outlines the Standard Operating Procedures (SOP) for the Multimedia Unit at the University of Ilorin, detailing responsibilities and workflows for each role.
I. Multimedia Manager
Overall Responsibility: Oversees all operations of the Multimedia Unit, ensuring efficient service delivery and alignment with university objectives.
Key Procedures:
Project Management:
Receives project requests from faculties/centers.
Assigns projects to relevant team members.
Monitors project progress and ensures timely completion.
Manages project budgets and resources.
Conducts project evaluations and gathers feedback.
Staff Management:
Supervises and evaluates team performance.
Conducts regular team meetings.
Identifies training needs and facilitates professional development.
Manages staff schedules and leave requests.
Strategic Planning:
Develops and implements the unit’s strategic plan.
Sets performance targets and monitors KPIs.
Identifies opportunities for growth and expansion.
Prepares reports on unit activities and performance.
Budget Management:
Develops and manages the unit’s budget.
Approves expenditures and tracks expenses.
Identifies funding opportunities and prepares grant proposals.
Policy Development:
Develops and implements policies and procedures for the unit.
Ensures compliance with university regulations.
User Relationship Management:
Maintains strong relationships with faculty and center representatives.
Addresses user concerns and resolves issues.
II. Video Production Specialist & Sound Engineer (1)
Overall Responsibility: Responsible for all aspects of video production, from pre-production planning to post-production editing and sound design.
Key Procedures:
Pre-Production:
Meets with clients to discuss project requirements.
Develops storyboards and scripts.
Scouts locations and arranges logistics.
Selects and manages video equipment.
Production:
Operates cameras and other recording equipment.
Directs on-camera talent.
Ensures proper lighting and sound recording.
Post-Production:
Edits video footage using professional editing software.
Adds special effects and graphics.
Creates sound design and mixes audio tracks.
Ensures high-quality video and audio output.
Sound Engineering:
Records and edits audio for various multimedia projects.
Sets up and operates sound equipment.
Designs and mixes sound effects and music.
Ensures high-quality audio output.
III. Graphic Designer/Animation Specialist (1)
Overall Responsibility: Creates visually appealing graphics and animations for various multimedia projects.
Key Procedures:
Graphic Design:
Develops visual concepts and designs.
Creates logos, posters, brochures, and other marketing materials.
Designs website layouts and graphics.
Uses graphic design software effectively.
Animation:
Creates 2D and 3D animations.
Develops storyboards and animatics.
Uses animation software and techniques.
Ensures high-quality animation output.
Branding:
Maintains university brand guidelines in all designs.
Ensures consistency in visual communication.
IV. Web Developer/Content Editor (1)
Overall Responsibility: Develops and maintains the unit’s website and manages multimedia content.
Key Procedures:
Web Development:
Designs and develops websites using web development tools.
Ensures website functionality and responsiveness.
Manages website hosting and maintenance.
Content Management:
Creates and edits website content.
Manages multimedia files and uploads them to the website.
Ensures website content is accurate and up-to-date.
SEO:
Implements search engine optimization (SEO) best practices.
Monitors website traffic and analytics.
Accessibility:
Ensures website accessibility for users with disabilities.
V. IT Support Technician (1)
Overall Responsibility: Provides technical support for the Multimedia Unit’s infrastructure and equipment.
Key Procedures:
Equipment Maintenance:
Maintains and repairs multimedia equipment.
Troubleshoots technical issues.
Ensures equipment is in good working order.
Network Support:
Manages the unit’s network infrastructure.
Troubleshoots network issues.
Ensures network security.
Software Support:
Installs and configures software.
Provides software support to team members.
Help Desk:
Provides technical support to users of multimedia services.
Logs and tracks support requests.
Inventory Management:
Maintains an inventory of multimedia equipment and supplies.
Tracks equipment usage and maintenance records.
VI. General Procedures:
Project Request Process: A standardized form for requesting multimedia services will be available online and in print. The form will include project details, timeline, and budget requirements.
Communication: Regular team meetings will be held to discuss project progress, address challenges, and share updates. Email and other communication tools will be used for day-to-day communication.
Quality Control: A quality control process will be implemented for all multimedia projects to ensure high standards and client satisfaction.
Data Backup: A regular data backup process will be implemented to protect multimedia files from loss or damage.
Security: Security measures will be implemented to protect multimedia equipment and data from theft or unauthorized access.
Policy and Compliance:
Policy Development and Review: The Cybersecurity Unit is responsible for the development and regular review of the University’s information security policies and procedures.
Compliance Monitoring: Compliance with relevant data protection regulations and industry best practices is ensured.
Audits: Regular security audits are performed to assess the effectiveness of security controls and compliance with policies.
Reporting: Reports on policy compliance and audit results are submitted to the unit head and relevant university bodies.
LINE OF COMMAND(top-down)
Cybersecurity:
Director of COMSIT
Unit Head Cybersecurity and multimedia
Cybersecurity Architects
Cybersecurity Engineers (Cybersecurity Analyst)
Cybersecurity Analysts
Security Awareness Trainers
Individual volunteers (Non Expert, interest group, etc.)
Multimedia
Director of COMSIT
Unit Head Cybersecurity and multimedia
Multimedia Manager (oversees the unit) (1)
Video Production Specialist and sound engineer (1)
Graphic Designer/ Animation Specialist (1)
Web Developer/Content editor (1)
IT Support Technician
DOCUMENT CONTROL
Version:
Effective Date:
Review Due Date:
Prepared by:
Approved by:
Distribution:
Types of Documents:
Requirements Specifications
Design Documents
Test Plans and Reports
User Manuals
Change Requests
7. Revision history
2. Version Control System (tracking, back up, etc):
Implement a version control system to manage document versions, changes, and collaboration.
3. Document Approval Process:
Define a clear approval workflow for documents, including review cycles and sign-off procedures.
4. Access Control:
Establish access permissions to ensure that only authorized personnel can view, edit, or approve documents.
5. Document Storage and Retrieval:
Utilize a centralized document repository with a logical structure for easy storage, retrieval, and searchability.
© 2025 University of Ilorin