IT Acceptable Use Policy


Application


This policy applies to all members of the University community whether at the University or elsewhere, and refers to all IT resources.

Purpose


 

To define the responsibilities of all IT users to use and to protect IT resources appropriately.

Introduction


The University provides Information Technology (IT) resources to a large and varied group of people.

Members of the University community must at all times comply with relevant laws, University statutes, policies and standards. IT users who deal with sensitive data must take particular care to ensure that they comply with all laws and University policies and practices relating to the privacy and security of data.

Some units within the University, including Information and Technology Services (ITS), maintain additional IT standards. IT users to whom those additional IT standards apply must also comply with those requirements.

The University seeks to establish and maintain access for its community to local, national and international sources of information, and to enhance academic freedom, access to knowledge and open sharing of information.

Nothing in this policy derogates from the University’s commitment to academic freedom as laid down in s. 161 of the Education Act 1989.

The University also works to create an environment in which staff and students feel free to create and to collaborate with colleagues both at the University and at other institutions, without fear that their work will be misrepresented, tampered with, destroyed or stolen.

Policy


  1. IT users must use IT resources responsibly, efficiently and in an ethical manner, and with due regard to the rights of others
  2. All IT users must guard against any misuse which aims to disrupt IT resources at the University or beyond
  3. For the avoidance of doubt, unacceptable conduct includes, but is not limited to:
  • using IT resources in a way that interferes with the reasonable use of IT resources by other IT users
  • using IT resources in a way that hinders the University in meeting its legal obligations
  • assuming another person’s identity or role
  • communicating on behalf of an organisation or unit that the IT user does not have the authority to represent
  • accessing, using, destroying, altering, dismantling or disfiguring IT resources without appropriate authority or other lawful excuse
  • breaching any University or third party copyright or patent protection and authorisations, including licence agreements and other contracts
  • breaching the privacy of individuals without appropriate authority or other lawful excuse
  • using IT resources to bully, harass or victimise any other person

Definitions


The following definitions apply to this document:

Academic freedom as defined in Section 161 of the Education Act 1989

IT resources refers to any University owned or operated hardware or software and the data that is used or stored on it.

IT user means any individual member of the University community using IT resources

Unit(s) refers to an organisational grouping across the University and includes a faculty, or research centre or service division or UniServices

University means the University of Auckland and includes all subsidiaries

University community includes all staff members (whether permanent, temporary or part time), honorary staff, students (whether full time or part time), contractors, subcontractors, consultants, alumni, associates, business partners or official visitors or guests of members of the University or UniServices

Key relevant documents


Include the following:

Document managment and control


Owned by: CIO

Prepared by: IT Risk and Strategy Manager

Approved by: The Vice-Chancellor

Date approved: January 2017

Review date: January 2020