8.2. Information technology
The provision of information technology by the University is guided by the following principles:
- creation of a technology environment in which teaching, learning and research will flourish
- encouragement of innovation and a commitment to providing access to the knowledge of the world for its staff and students, creation of a strong research culture, and promotion of the effective use of information technology by the University community
- optimisation of the size and configuration of computer hardware and software
- efficiency and cost effectiveness in support costs, overheads, software licenses, energy consumption and space management
- protection of systems used to store University data through appropriate security services such as firewalls, user access and authorisation restrictions and virus scanning software
- setting appropriate acceptable use guidelines for information technology systems to ensure the continued effective and secure operation of those systems and to protect the University from problems such as error, fraud, defamation, breach of copyright, unlawful discrimination, illegal activity, privacy violations and service interruptions
- the University’s information technology network is primarily a University tool to be used for University purposes by students and staff. In the case of staff, this will include communication relevant to their employment with the University. In the case of students this will include communication relevant to their enrolment and course activities. In the case of other parties,(including contractors or nominated position holders) this will include the purpose for which they have been given access to resources
- adopting an IT governance structure to provide advice to University management on the development of the University’s information technology systems including infrastructure, services and applications.
Staff, students and any other users of the University’s information technology systems:
- are expected to comply with University guidelines and directions in relation to acceptable use of information technology systems
- use the University’s information technology systems and electronic communications on the understanding and condition that such use is monitored
- acknowledge and consent to the University’s right to access and monitor electronic communications created, sent or received by staff or students using the University’s electronic communications network
- may use electronic communications for limited personal use as long as this does not interfere with their role within the University
- must take reasonable steps to ensure their accounts remain secure
- must not use, duplicate or sell any proprietary software, except as described in the owner’s licence agreement or conditions applying to use.
- expected to keep and retain data necessary to support the University’s operations on a network drive
- responsible for protecting University information communicated or stored using information technology systems
- responsible for adequately safeguarding all hardware, software and data against damage, loss, theft, alteration and unauthorised access.
- owns and asserts copyright over all copyright material created by employees as part of their employment and otherwise created, sent or received by users over the University equipment/infrastructure
- may access and use all such electronic communications in any manner determined by the University (including as records of evidence in an investigation or in response to other actions such as audit, litigation, criminal investigations or freedom of information requests)
- reserves the right to (without notice) monitor the use of any device or terminal, inspect any data residing on any University-owned resource (regardless of data ownership and including electronic mail and other forms of communication), capture and inspect any data in any computing infrastructure owned by the University, delete or modify any data in any networking infrastructure, re-image its desktops and laptops as and when required
- may apply filtering systems to the University network that limit use and activity by preventing communications based on size or content
- may establish processes to block access to sites that are deemed inappropriate
- may remove any material that is deemed to be offensive, indecent or inappropriate.
Table of roles and responsibilities (VC delegation)
|Role/Decision/Action||Responsibility*||Conditions and limitations|
|Setting of IT strategy and architecture including IT methodologies, tools, configurations and products.||Chief Information Officer|
|Management of computing and communication environment and processes, including data classification, storage, back up, retention, recovery, systems hosting, network arrangements security requirements, monitoring and filtering frameworks, computer room environments and access, classroom / teaching AV technologies, application management, maintenance and support and telecommunications.||Chief Information Officer|
|Establishing guidelines for the procurement, replacement and disposal of computing equipment including setting guidelines for allocation to eligible staff and other people.||Chief Information Officer||
Must be approved by the Chief Financial Officer
Must be included in the University’s financial and contracting delegations
|Establishing authorised access and use protocols and directions, including user account and password management requirements.||Chief Information Officer|
|Establishing acceptable use guidelines.||Chief Information Officer||
Must be approved by the Vice-Chancellor.
* (Staff holding, acting in or performing the responsible position or office)
8.4. University records
The University seeks to ensure that:
- it creates and manages authentic, reliable and useable records to support business functions and activities for as long as they are required
- its record keeping practices adequately support the requirements for identifying and making available University records to the public when requested.
Staff should maintain records to support effective decision making.