IT Policy
Overview
This policy outlines standards regarding the use of the Company's computing and computer based communications capabilities including, but not limited to, electronic mail and Internet systems.
Scope
This policy is applicable to all employees of [company name].
General principles
Equipment and Software
All the computing resources (e.g., equipment, software and telecommunications capabilities) used by the Company to provide computing and network connections throughout the business are considered the property of the Company. Further, they are intended solely for use by the Company's employees to conduct the Company's business, and should not be used for communication of a personal, private or non-business nature, without authorisation from a senior manager.
It is the Company's intention to use only properly licensed software and to comply with the manufacturers' licensing provisions and the terms of other agreements the Company has signed with the manufacturers. No actions are to be taken by an employee to obtain or use software that has not been properly licensed.
The Company will provide its employees with all software needed to conduct their business. Consequently, the Company's employees (other than appropriately authorised Information Technology staff) are not permitted to copy software from any source onto the Company's network or the computer they use. This is not only policy, it can be illegal, and/or expose both the computer and the Company's network to viruses.
All hardware and software requests, procurement and installation should be processed via the IT department so that the software/hardware compatibility and asset register can be maintained.
Data and information
All data and information created, acquired, stored on, or transmitted using the Company's computing resources are the Company's proprietary business information and are exclusively the property of the Company. This includes information of any kind: documents, spread sheets, graphics files, emails and their attachments, records of any business transactions, creative work, directories or lists of the content of storage devices, the printed image of any such information, or files of any such information on removable storage devices or stored on non Company computing systems (e.g.: portable devices/drives, CD/DVD, or home computers).
In all cases, the Company's proprietary business information may not be sent to outside individuals or companies, or to Company employees who do not need to know the information unless authorised by a senior manager. The Company is under no obligation to provide any data or information that was created, acquired, transmitted, or stored using the Company's resources, to any employee or ex employee of the Company.
Integrity
Electronic mail and other information systems of the Company should not be used in any way that may be disruptive, offensive to others, or harmful. In no case should the information systems be used to transmit messages of a sensitive, personal, or private nature, or which constitutes unlawful, threatening, disparaging, defamatory, scandalous or obscene material about employees, clients, vendors or any other person or entity.
Monitoring
The Company reserves the right to assign computing resources and system access privileges to employees, and to survey and monitor the use of resources, data and information by its employees.
All computer systems provided by the Company or connected to the Company's network, and all data and information created, acquired, stored on, or transmitted using Company resources are subject to access and review by Company officials, for a variety of reasons, in the course of the performance of their responsibilities at any time without notice. In all cases, monitoring and review is up to the Company's discretion.
Accordingly, employees may have no expectation that any messages or information on the system will be kept confidential from officials of the Company in the normal discharge of their duties. Those officials may also disclose such information to others, inside or outside the Company, at the Company's sole discretion, for official purposes, including system maintenance, data storage, data backup, data archiving, data transmission or retrieval, technical problem resolution, monitoring employees' work, access during an employee's absence or assurance of compliance with policies.
Incidental and occasional personal use of computing resources and electronic messaging within the Company is permitted unless abused, such decision to be made at the Company's sole discretion. However, like. all other data on the Company's systems, any personal messages may still be accessed and disclosed as provided above, even if marked "personal and confidential" or "private." In addition, the Company is under no obligation to retain or protect any such information or to provide any such information in any form to employees or former employees. The Company has no liability for erasure, destruction, use or disclosure of any such information.
Leaving the Company
Computing resources and any access to the Company's data or information provided to the Company's employees iares provided only during the term of their active employment with the Company, and only to facilitate the Company's business.
Upon termination or suspension of employment for any reason, all access to Company data and information or equipment will be discontinued, and any representations of Company data or information (printed, stored on removable media, or stored on remote or non Company computing systems) and Company provided equipment is to be returned to the Company.
Care in Delivery
Electronic mail is a tool which when used properly contributes to the efficiency of the Company as a whole. It's proper use depends on the good sense of our employees and on the careful use of this technology. Employees should consider these points prior to making a decision to communicate via electronic mail.
Electronic mail messages are forever. Once an electronic mail message has been stored on a file server, it is never truly deleted. Whether an attempt to "delete" a message is made by using a specific command or by the automatic delete function, it may be possible to locate and access an electronic mail message long after you believe it to have been deleted.
Electronic mail message distribution cannot be controlled. The author or sender of an electronic mail message cannot control the subsequent forwarding or distribution of any electronic mail message, regardless of how sensitive the message may be. Given the compatibility of our Company's electronic mail programs with Internet servers, and the increasing ability to communicate via electronic mail with our clients, such re transmission is not even limited to employees of the Company. Your message may well end up anywhere or everywhere on the vast number of networks lined by the Internet. In addition, the author or sender of an electronic mail cannot retrieve an electronic mail message once it has been sent.
If you have any questions, please refer them to your Manager.
IT incidents
Employees should report any IT incident event to the IT helpdesk immediately. An IT incident is any malfunction of hardware of software provided by the Company that stops an employee fulfilling their duty. Employees should ask before carrying out any IT related task that they are unsure of.
An IT incident represents a potential security breach or virus infection, or indeed anything that threatens harm to company data, company hardware or network integrity.
This policy [does not] form[s] part of your terms and conditions of employment.
Version: [1.0]
Issue date: [date]
Author: [name, job title]