Information Technology Services (General Conditions) Order 2005 (Cth)

THE AUSTRALIAN NATIONAL UNIVERSITY

INFORMATION TECHNOLOGY SERVICES (GENERAL CONDITIONS) ORDER 2005

The Council of the Australian National University makes this Order under section 4 of the Information Technology Services Statute 1999.

Dated: 10 december 2004.

Peter Baume AO

Chancellor

__________________________________________________________________

1. Name of Order and commencement

1. This Order is the Information Technology Services (General Conditions) Order 2005.

1. This Order commences on 31 December 2004, immediately after the commencement of the Orders (Repeal) Order 2004.

Interpretation

2 In this Order, unless the contrary intention appears:

"account" means an account assigned to a user under subrule 3 (4);

"Director" means the Director, Information Technology Services;

"information" means the data and other material on any part of the Information Technology Services;

"password" means the mode of secured personal access to those parts of the Information Technology Services authorised under rule 3 for use by the user;

"Rules" means the Information Technology Services Rules;

"services" means the University's Information Technology Services within the meaning of the Statute;

"software" means the licensed products, computer programs and data and includes any updates and new releases of products;

"Statute" means the Information Technology Services Statute 1999;

"user" means a person who accesses the Information Technology Services whether that access is from within the University or from outside of the University.

[NOTE: The conditions contained in this Order are in addition to the conditions set out in the Rules.]

Application

3 This Order applies to:

(a)all of the portfolio of Information Technology Services provided by the University (including all computer, network and electronic information facilities of the University, network access to information systems outside the University and software packages running on all of those services and facilities);

(b)and to all members of the University (including students, staff and official visitors) and external users.

General conditions of access and use

4 Users must use University Information Technology Services in a manner which is efficient, ethical, legal, not to the detriment of rights and property of others and not in conflict with or in contravention of the Statutes, Rules and Orders of the University.

Access to services

5(1) A user may be given access to all or a particular part of the services, depending on individual work or study requirements.

(2) If it is necessary to access the service jointly with another user, all parties must jointly share the responsibility for any actions undertaken on that service.

(3) Users of central administrative systems must not share access to those systems.

(4) If a user has doubt concerning the user's authorisation to use any service, the user must seek the advice of the person responsible for that service.

System security

6(1) If a user inadvertently obtains information to which he or she is not entitled, or becomes aware of a breach of security pertaining to any service, the user must immediately report it to the person responsible for that service or to the Director.

(2) A user must not:

(a)use any account set up for another user, except as permitted by subrule 4 (3) of the Rules, nor make any attempt to find out the password of a service for which he or she has not been authorised, including accounts set up for other users;

(b)inject or otherwise introduce computer viruses into the network or any equipment connected to the network;

(c)attempt to copy, disclose, transfer, examine, rename, change, add or delete information belonging to the University or another user, (whether the user is a member of staff, student or a visitor) without their express permission, unless it is part of their duties to so do;

(d)collect or discard any electronic, printed or magnetic output without the owner's explicit permission, or unless required to do so as part of his or her duties.

[NOTE: The University's IT Security Policy (2194/1999) outlines University policy on this matter. Users should have regard to the policy when using the services.]

(e)use the University's Information Technology Services to send or   publish electronically, obscene, racist, offensive, slanderous, harassing or repetitive messages;

(f)in using the services, represent himself or herself as someone else, fictional or real, or as anonymous.

(7) A user must not engage in any activity which adversely affects the security of the services.

Publication of material

7(1) If a user originates material sent over or published on the services the user must present this material in a professional manner upholding the reputation of the University.

(2) Material sent over or published on the services by a user must contain the originator's name and position within the University.

(3) A user must generally have regard to the law of copyright as it affects computer software.

Use of equipment and software

8(1) On any machine governed by allocation of resources to individuals or groups (such as supercomputer time allocation) a user must not exceed his or her agreed allocation.

(2) If a user becomes aware of an abuse of a shared resource the user must report it immediately to the person responsible for the service.

(3) If a user is provided with a software package to be used on University information technology equipment, the user must abide by the licence agreement for each such software package.

(4) A user must not copy computer software contrary to the licence conditions associated with it.

Development of software

9 If a user develops software with potential commercial value on, or with the use of, the services, the user must have regard to the University's policy on Intellectual Property in relation to the software.

Access to remote services from the University

10 For the purposes of this Order, abuse of any information technology service at another site accessed from the University's Information Technology Services is regarded as abuse of Information Technology Services at the University.

[NOTE: Information technology services at another site may also be covered by guidelines administered by the other site.]

Examination of information

11(1) The University may appoint, in writing, a person to examine information stored on information technology equipment provided by the University or used for University purposes when there are reasonable grounds for believing that the equipment has been used in contravention of the Industrial Awards, Statutes, Rules or Orders of the University.

(2) A member of the University staff who is authorised to examine information under subclause 11(1) is bound by the provisions of the Privacy Act 1988 in respect of information obtained through an examination except in regard to its disclosure for purposes of substantiating a contravention to which that subclause applies.

Further conditions

12 Nothing in this Order prevents the Director from applying further conditions to the use of a particular service, because of the special nature of the service.

Penalties

13(1) A person who contravenes this Order commits an offence.

(2) A person who commits an offence to which subclause (1) applies is liable to a penalty set out in rule 12 of the Rules.

(3) If a user does not comply with the University's Statutes, Rules, Orders or conditions relating to particular services, in addition to, or substitution for, any other penalty, the user's access to services may be revoked.

[NOTE: The provisions of Part 4 of the Rules dealing with appeals against decisions applying penalties apply in relation to this Order.]

Application of Rules about appeals

14 The suspension and appeal procedures set out in the Rules apply to contraventions of this Order as if the contravention were a contravention of the Rules.