Acceptable use of IBC Information Technology (IT) facilities
POLICY NO:
Date of Authorisation:
Effective Date:
Date of Last Amendment:
Superseded documents:
Reference Authority:
Related documents: This Policy must be read in conjunction with the documents listed in Appendix A. Those documents address specific implementation issues such as internet use, email and privileged access to systems.
Contact Person: Any person who requires assistance in understanding any aspect of this document should contact the IT Manager.
1. Overview
2. Scope
3. Users with Authorised Accounts
4. Other Users
5. Acceptable Use
6. User Accounts and Passwords
7. IBC Responsibility
8. Monitoring Use
9. Compliance
10. Exceptions
11. Implementation and Review
12. Communication
Appendix A
1. Overview
IBC provides Information Technology facilities (IT facilities) to support its teaching and learning, research, administrative and business activities. IT facilities includes all computing and communication equipment, software, services, data and dedicated building space used in connection with information technology, which is owned by, leased by or used under licence or agreement by IBC. IBC recognises its responsibility to ensure the appropriate use of its IT facilities and that it must be protected from damage or liability resulting from the unlawful or inappropriate use of its IT facilities.
2. Scope
This Policy applies to users with authorised accounts (as defined below) to access IBC's IT facilities.
3. Users with Authorised Accounts
3.1 It is a requirement that every person who accesses IBC IT facilities must have an authorised user account for their exclusive use.
3.2 Authorised accounts will only be issued to staff employed by IBC, currently enrolled students, visiting academics, contractors or consultants engaged by IBC, or other recognised affiliates of IBC. In addition, access to particular systems and types of use may require authorisation by the relevant Unit Director/Manager or equivalent.
3.3 All users with an authorised account must comply with this policy when using IBC's IT facilities.
4. Other Users
4.1 This policy recognises that some IBC IT facilities are provided for the use of members of the general public who do not have any formal relationship with IBC. Examples of such facilities are IBC web sites that are not subject to some form of access control, and limited access to the electronic information resources accessible from the Library where this is permitted by license.
4.2 These users will not be issued with user accounts, and will only be subject to sections 5.3 and 5.4 of this policy. In addition, their use of IBC IT facilities must comply with State and Commonwealth laws and any additional Guidelines issued by IBC in relation to their use of the facilities.
5. Acceptable Use
5.1 IT facilities are provided to support IBC's teaching and learning, research, administrative and business activities.
5.2 IT facilities are not provided for recreational or personal use unless specifically stated otherwise in the guidelines listed in Appendix A.
5.3 Users of IBC IT facilities must comply with IBC's requirements for acceptable use. Specific activities that constitute unacceptable use include but are not limited to:
5.3.1 deliberate, unauthorised corruption or destruction of IT facilities (including deliberate introduction or propagation of computer viruses)
5.3.2 deliberate, unauthorised access to IT facilities
5.3.3 unauthorised use of data or information obtained from the use of IT facilities
5.3.4 use of IT facilities to access, create, transmit or solicit material which is obscene, defamatory, discriminatory in nature, or likely to cause distress to some individuals or cultures, where such material is not a legitimate part of teaching and learning or research (if the material is a legitimate part of teaching and learning or research, an appropriate warning should be given)
5.3.5 transmission or use of material which infringes copyright held by another person or IBC
5.3.6 violation of software licensing agreements
5.3.7 use of IT facilities to transmit unsolicited commercial or advertising material
5.3.8 deliberate impersonation of another individual by the use of their login credentials, e-mail address or other means
5.3.9 violation of the privacy of personal information relating to other individuals
5.3.10 unauthorised disclosure of confidential information
5.3.11 use of IT facilities to harass or threaten other individuals
5.3.12 unauthorised attempts to identify or exploit weaknesses in IT facilities
5.3.13 unauthorised attempts to make IBC IT facilities unavailable
5.3.14 use of IBC IT facilities to gain unauthorised access to third party IT facilities
5.3.15 use of IBC IT facilities in unauthorised attempts to make third party IT facilities unavailable
5.3.16 use which deliberately and significantly degrades the performance of IT facilities for other users (including the downloading of MP3 files not related to teaching and learning and research).
5.4 Users must also comply with the IBC's other policies and procedures and other Guidelines as released by the IT Manager.
5.5 If any unacceptable use of IBC IT systems is detected, it must be reported to the IT Manager.
5.6 Behavior which breaches this policy may also breach Commonwealth and State law.
6. User Accounts and Passwords
6.1 All user accounts must have one person nominated as the person responsible for that account.
6.2 Users are responsible for all activity initiated from their accounts, unless it is established that the activity was done by another person who gained access to the user's account through no fault of the user.
6.3 Users must select passwords that cannot be easily guessed and they must not divulge passwords to others, including other staff and students.
6.4 Users must not attempt to determine another user's password.
6.5 If the security of a password is compromised, it must be changed immediately.
6.6 Users are not permitted to authorise others to login using their account.
6.7 Passwords should be changed regularly.
6.8 Users are prohibited from using another user's account.
7. IBC Responsibility
IBC will take reasonable steps to protect its IT facilities from unauthorised and unacceptable use.
8. Monitoring Use
IBC reserves the right to monitor any and all aspects of its IT facilities to determine if a user is acting unlawfully or violating this Policy, the associated documents listed in Appendix A, or any other IBC policy or rule. Such monitoring may include, but is not limited to, individual login sessions, the internet sites visited by users and the content of electronic communications. Monitoring may be done with or without prior notice to the user. Procedures relating to monitoring use are listed in Appendix A.
9. Compliance
9.1 Users of IBC IT facilities are responsible for adhering to the provisions of this Policy.
9.2 IBC may take remedial action and suspend user access with or without prior notice in response to suspected breaches of this policy.
9.3 Breaches by staff or students that constitute misconduct will be addressed by the relevant staff or student disciplinary procedures. See Appendix A.
9.4 Sanctions for failing to comply with this Policy or the associated documents listed in Appendix A, may include:
9.4.1 immediate withdrawal of access to IT facilities, with or without prior notice
9.4.2 action taken under the IBC's relevant performance management scheme and/or disciplinary procedures for staff or for students.
9.4.3 criminal or other penalties imposed by State or Commonwealth legislation
9.4.4 financial compensation sought by IBC.
10. Exceptions
Requests for exceptions to this policy must be authorised by the General Manager. Such requests must be made in writing and will be evaluated based on the case presented to support it.
11. Implementation and review
11.1 All Unit Director/Managers or equivalent will be responsible for the implementation of this Policy in their respective areas of responsibility.
11.2 The IT Manager is responsible for regularly reviewing this Policy.
11.3 The IT Manager, in consultation with the General Manager, has authority to issue from time to time the Guidelines referred to in the Appendix due to changes in the law or changes in the practices of the IBC.
11.4 The IT Manager, in consultation with the General Manager, has authority to amend Appendix A and any Guidelines issued.
11.5 Both the Guidelines referred to in Appendix A and any additional Guidelines are afforded the status of policy.
12. Communication
12.1 All Unit Director/Managers or equivalent are responsible for ensuring that all students and all staff members have access to this Policy through the IBC website.
12.2 This Policy will be included in the information package provided to all new members of staff.
1. Associated Documents
For information on the application of this policy see:
See also IBC policies and resources for staff and for students listed on the ISTS website.
Other IBC legislation and policies that may be relevant to implementation of the Policy on Acceptable Use of IT are:
- Policy and procedures for the resolution of student grievances
- Anti-racism Policy
- Equal Opportunity Policy
- Sexual Harassment Policy
- Public Statements by Members of the IBC Staff
- Code of Ethical Conduct
- Inclusive Language Policy
- Discrimination and harassment grievance procedures
2. Relevant Legislation
While not an exhaustive list, the following legislation is of particular relevance to the use of IBC IT facilities:
3. Relevant terms
Disciplinary procedures
The disciplinary procedures as outlined in the applicable industrial instrument shall apply to staff.
The disciplinary procedures as outlined in the applicable statute or policy shall apply to students.
Industrial Instrument - refers to the applicable Enterprise Agreement, Award, Australian Workplace Agreement, contract of employment or legislation.
|
