Governance

Policies and procedures

Policy No.
UP19/1
Function
Technology And Telecommunications
Authoring Organisational Unit
Policy Team - SPP Central Unit
Date Approved
18/02/2019
Next Review Date
18/02/2022
Approving Body
Executive Group

The University of Western Australia

Save this template to the preferred folder on your network drive. 

Note: You must save the template each time you want to write a policy to ensure that you are using the most recent version of the template.

You can use the show/hide button on your toolbar (this looks like a paragraph mark) to hide or show instructions in the template.  If clicking on this button does not work, please go to Tools - Options - View - and un-tick “hidden text” before trying again.

Note: Please do not type or paste over instructions.

(A comprehensive set of instructions is also provided on the Template and Instructions page of the University Policies website.)

To include text in the template, except in the Definitions section, place your cursor at the end of the relevant section heading provided or at the end of the relevant instructions and press “Enter” before beginning to type or pasting in text.  To include text in the definitions section place your cursor immediately under the heading before beginning to type.

Note: If you are pasting in text you must save it as plain text first so that you do not import any additional styles into the policy document.

Formatting styles are embedded in this template and can be found in a drop-down menu on your toolbar.  Note: Please do not add to or alter the styles.  It is recommended that styles be applied once text is finalised.  Apply a style by highlighting the text and clicking on the appropriate style from the drop-down list.

If you require a numbered heading style within the policy text, please use Heading 4 from the drop-down styles list.  This will automatically apply a number to the heading and each time you use the Heading 4 style the next sequential number will be applied automatically. 

Styles 1.1 (Style 1), 1.1.1 (Style 2), and 1.1.1.1 (Style 3) are available for the body of the text.  To reduce complexity, it is recommended that numbering below the level of 1.1.1.1 be avoided.  Bullet points can be used for lists if required.  The list bullet style is available from the styles drop-down list.

Note: If you press “Enter” after a heading provided in the template or after a set of instructions the Normal, Policy style will automatically be applied.

Note: Please do not use tabs in your document.  

University Policy on: Acceptable Use of IT

 

 

Overtype “Policy Name” with the name of the policy.  This must convey specifically, accurately and succinctly what the policy addresses eg Award of Honours, Study Leave.

1. Purpose

a) The purpose of this policy is to —

i. enable the University Community to make acceptable security and ethical decisions in order to —

A. protect the Digital Identity of members of the University Community;

B. safeguard the reputation of the University by encouraging  responsible online behaviour; and

C. safeguard the University’s IT Services and  IT Assets.

ii. contribute to maintaining a University culture of respect, integrity and inclusivity.

 

b) In this policy —

i. Acceptable Use of IT                                                                section 2;

ii. Use of IT Service                                                                      section 4.1;

iii. Regulated Digital Content                                                       section 4.2;

iv. Personally-Owned and Third Party Devices                        section 4.3;

v. Cyber Security Reporting                                                        section 4.4.

 

c) This policy is to be read in conjunction with the following:

i. Cyber Security Management Framework;

ii. Appropriate Use of IT Guidelines.

 

2. Acceptable Use of IT

a) Acceptable Use of IT means making decisions that comply with personal security responsibilities and the University’s Code of Conduct when utilising Information Technology Services (IT Services).

b) IT Services means the combination of processes, expertise and resources by which Uni IT deliver value to the University Community to enable the achievement of their business objectives.

 

3. Scope

3.1. Institutional Scope

a) The scope of this policy applies to the entire University

3.2. Individual Scope

a) The scope of this policy applies to the entire University Community when using IT Services on —

i. personally-owned devices;

ii. third party devices; and/or

iii. IT Assets provided by the University.

 

4. Acceptable Use of IT Practices

4.1. Use of IT Services

a) The University Community will only use IT Services for acceptable, legal and ethical purposes.

b) The University will provide IT Services to enable teaching, learning, research and administration, with reasonable personal use permitted.

c) The University Community must not bypass security measures or jeopardise, access, copy, alter or destroy any University Information and/or IT Services if they are not specifically authorised to do so.

d) The University Community will take all reasonable steps to protect University Information, Digital Identities, IT Services and IT Assets both on University Property and when working remotely.

e) Digital Identity means information, such as user name or an email address, used by computer systems to represent a member of the University Community.

4.2. Regulated Digital Content

a) The University Community will not create, access, download, possess or distribute digital content that is –

i. illegal;

ii. in breach of intellectual property and copyright;

iii. considered as any form of harassment or discrimination, or otherwise interferes with the values of the University’s Code of Ethics and Code of Conduct.

b) Regulated Digital Content means material, including but not limited to —

i. malware;

ii. unlawfully obtained;

iii. containing child sexual abuse;

iv. that advocates the doing of a terrorist act;

v. detailed instruction or promotion in crime or violence;

vi. instruction in paedophilic activity;

vii. gratuitous, exploitative and offensive depictions of violence or sexual violence; and/or

viii. has been classified RC or X 18+ by the Classification Board.

c) The University acknowledges that access to regulated digital content may be required for valid research and teaching purposes. Access is granted on written authorisation by Ethics Committee through the Office of Research Integrity.

4.3. Personally-Owned and Third Party Devices

a) The University Community will ensure that personally-owned and third party devices used to consume IT Services have —

i. up-to-date security software, such as anti-Malware, installed;

ii. trusted software updates regularly installed; and

iii. user authentication mechanisms enabled.

b) The University may refuse to provide IT Services to devices that do not comply with security requirements.

4.4. Cyber Security Reporting

a) The University Community will report suspicious behaviour, lost or stolen IT Assets, security vulnerabilities or breaches of the Acceptable Use of IT Policy and the Cyber Security Policy by —

i. contacting the Uni IT Service Desk; or

ii. submitting an anonymous complaint.

d) The University may monitor, log, examine and/or disclose online activity and use of IT Services for security and compliance purposes.

 

Breach

a) Failure to comply with this policy by a member of the University Community may be considered a breach of the Code of Conduct and may result in disciplinary action.

 

Definitions

Acceptable Use of IT is defined in section 2

Digital Identity is defined in section 4.1

IT Assets is defined in the Cyber Security Policy

IT Services is defined in section 2

Regulated Digital Content is defined in section 4.2

University is defined in the University of Western Australia Act 1911 (WA).

University Community means all individuals who engage in University Activity and/or use University Property.

University Activity means engaging in study, work, recreation or other activities and services and performance of official duties for the University regardless of the location.

University Information means all data and information created by, collected, received and stored, by the University Community or on behalf of the University, in any format or medium.

University Property means tangible and non-tangible things, belonging to, or contracted to the University or members of the University Community, including campuses, facilities and services.

 

Legislative Controls

Age Discrimination Act 2004 (Cth)

Autonomous Sanctions Act 2011 (Cth)

Broadcasting Services Act 1992 (Cth)

Competition and Consumer Act 2010 (Cth)

Copyright Act 1968 (Cth)

Disability Discrimination Act 1992 (Cth)

Enhancing Online Safety Act 2015 (Cth)

Equal Opportunity for Women in the Workplace Act 1999 (Cth)

Higher Education Support Act 2003 (Cth)

Privacy Act 1988 (Cth)

Privacy Amendment (Notifiable Data Breach Act 2017 (Cth)

Racial Discrimination Act 1975 (Cth)

Sex Discrimination Act 1984 (Cth)

Spam Act 2003 (Cth)

Trade Marks Act 1995 (Cth)

Weapons of Mass Destruction (Prevention of Proliferation) Act 1995 (Cth)

 

 

 

This must be in Normal, Policy style.

Provide a brief summary of the reasons for the policy and issues it addresses.  This section is designed to stand alone.  The aim is to provide the reader with enough information to make a decision about whether or not this is the policy they are looking for.  It must not be longer than 200 words. 

Example 1

This policy defines the nature and purpose of study leave provisions for academic staff and sets out eligibility criteria and other conditions that apply.

Example 2

This policy seeks to rationalise the award of honours across the University by addressing such issues as: entry standards, course content and structure, supervision, assessment, examination, grades, classifications, benchmarking and the maintenance and provision of documentation relating to these matters.  It is based on resolutions of the Academic Board flowing from the 1999 report of the Honours Working Party.

 

Policy No

UP19/1

This is the TRIM record number.  Note: This is not the TRIM file number.  If this is a new policy, apply for the policy number (contact [email protected]) after the policy has been approved by the relevant position or body and before it is submitted for storing in TRIM.

 

Approving body or position

Executive

Include the name of the body or position with responsibility for approving the policy.  This must be one of the following:

Senate

Academic Board/Council

Vice-Chancellor

Senior Deputy Vice-Chancellor

Deputy Vice-Chancellor (Education)

Deputy Vice-Chancellor (Research and Innovation)

Registrar and Executive Director (Academic Services) Executive Director (Finance and Resources)

 

Date original policy approved

February 2019

Insert date of approval of original policy.  If this information cannot readily be ascertained insert “as per file”.

 

Date this version of policy approved

February 2019

When the policy document has been approved by the relevant body or position insert date of approval.

 

Date policy to be reviewed

February 2022

If the proposing body has not determined a date for review of the policy, a default date of ten years from the date of the latest revision approval will apply.  Enter the appropriate date.

If the document contains procedures, include the date that these were last updated.  Procedures are approved by the relevant Director.

 

TRIM

F19/523

Insert the appropriate TRIM file number.  All policies must have a TRIM file for storing information relating to policy development and other related information.  Note this is not the policy number.  Apply for a TRIM file number at http:/intranet.uwa.edu.au/page/38742

 

Contact position

Associate Director Enterprise Security

State the name of the position that is to be contacted for any queries regarding the policy, eg University Secretary.  Note: As this will link through to the University’s Contact Directory, the position name must be given exactly as it appears in that directory.

 

 

Provide details of, and, if appropriate, web links to, other policies, legislation or committee resolutions that relate to the subject of the policy, if known, eg Statute(s), University General Rule(s).  If unsure what these might be, try one or more of the following:

Conduct a search on TRIM.

Make an enquiry to Archives and Records.

Seek help from staff in the relevant section. 

If related policies are stored in University Policy format on the University Policies site, please provide the relevant policy number(s). 

 

 

Switch off the instructions by clicking the hide/show button on your toolbar.

Check the content of the document for clarity and accuracy.

Submit the document to the relevant position or body for approval.

When the document is approved -

if the policy does not already have a University Policy number, apply for one by completing the form at https://intranet.uwa.edu.au/archives/new_university_policy_number (Control and click to follow the link.)

include the University Policy number in the relevant table box in the template; and

complete the relevant approval date and any other table boxes at the end of the template that have not yet been completed.

Save the document in Filtered HTML format to a convenient location on your network drive (Go to File – Save As and select Web Page, Filtered from the drop-down list under the filename box.)

Apply the style-checker as follows:

Go to the following URL https://www.admin.uwa.edu.au/policytidy (Control and click to follow the link.)

Browse to find the policy document you have saved in Filtered HTML.

Hit “Submit” to bring up the preview of the converted document.

Check for errata and mis-processed characters.

Once the document is correct, click on “Download Document” to download the document to the preferred folder on your network drive.

Appropriate Director emails ([email protected]) the policy to University Records for storing in TRIM and publishing on the University Policies website.