1. IT POLICY OVERVIEW
This document provides an overview of IT related policies with which staff, students and other authorised users of University IT facilities must comply.
2. THE POLICIES
Below is a list of IT related policies together with the key policy statement and some brief additional information. This information is designed to guide the reader in understanding the nature of policies; it is not a replacement for reading the policies themselves.
2.1 Information Security Policy
“The purpose of this Policy is to safeguard information belonging to the University and its stakeholders (third parties, clients or customers and the general public)."
This is a high level policy that describes how information systems are to be managed. Many of the other policies listed below are subsidiary to this one.
2.2 Acceptable Use Policy
“This policy applies to anyone using Teesside University IT facilities (hardware, software, data, network access, third party services, online services or IT credentials) provided or arranged by Teesside University."
All users of any University IT facilities must be familiar with the IT Acceptable Use policy. It comprises a short policy section with extensive guidance on use. The primary focus is to ensure the reader is aware of what is and is not permissible when using University IT facilities.
2.3 IT Hardware Asset Management Policy
“The University requires that all IT hardware, particularly data bearing portable equipment, is properly managed throughout its lifetime."
This policy is primarily concerned with tracking IT hardware assets from the perspective of avoiding data loss. It mostly affects staff and the policy describes the separate responsibilities of Schools / Departments, individuals and the IT Department.
2.4 IT Software Asset Management Policy
"The University requires that all software installed on University equipment is properly licensed."
This policy informs everyone of the requirements with regard to purchasing, loading and using software on University equipment.
2.5 Remote Working Policy
"This policy is concerned with the technical and security aspects of facilitating remote, generally off campus, access to University information systems for University staff."
The policy covers the use of both data transports (protocols permitting live remote access to University information and systems) and data transfers (the use of storage devices to transport data for remote working).
2.6 Privacy and Monitoring Policy
"The University requires that staff, students and others making use of the University's ICT-based systems are aware that activity logging takes place, and that monitoring or content inspections of an individuals activity may occur under specific circumstances."
The policy describes the specific circumstances where the University may need (or be required) to examine the usage logs and datasets of users of University IT systems. This policy describes both the circumstances and the process that will be followed.
2.7 Guidance for the use of Social Media
"Social media tools such as blogs, online forums, content-sharing websites and other digital channels established for online interaction and connection are increasingly used to: Promote Teesside University to colleagues, students, customers, the media and other stakeholders; Share personal opinions and participate in online dialogue; Support learning and teaching."
The guidance covers both intended and unintended outcomes of the use of Social Media which staff, in particular, should be aware of. Clarity around the source of opinion in terms of it being personal or representative of the University is important.
3. BREACH OF POLICY
Please be aware that the above policies have varying clauses to cover breach of policy. In most cases breach of policy can result in disciplinary action being taken.
A foldable leaflet containing this information may be obtained from: