To view or download this policy as a PDF click Employee and Employment Related Policies Documents
Title | Acceptable Use of Information and Communication Technology Resources Policy |
Policy Number | P77 |
Type | Council Policy |
Document Owner | Director Corporate Services |
Approval Date | November 2023 |
MaGiQ Document ID | 691456 |
Review Date | November 2026 |
Council Resolution Number | OC154/2023 |
This Policy articulates the expectations for acceptable use relating to:
This Policy applies to all users of Council ICT resources including external stakeholders. This Policy also applies to all users who connect equipment to any of the Council’s ICT resources.
Content: Information, including records, stored on ICT resources.
Device: Laptops, desktops, iPads, mobile phones and landlines.
ICT Resources: Landline telephones, mobile devices, satellite devices, internet, intranet, computer programs, computers, printers, Wi-Fi-dongles, modems, switches, routers, projectors, multi-function devices, scanners, and:
Unauthorised: not having official permission or approval.
User: Any person who has been granted access to, and use of, the Council's ICT resources.
This document should be read in conjunction with the following relevant legislation and other Council polices. Users of Council’s ICT resources should note that heavy penalties exist under legislation that relates to the misuse of and/or destruction of Council’s ICT resources and content held on ICT resources.
Document | Description |
Local Government Act | Council’s legislative obligations, including but not limited to section 114 (Conflict of interest) and section 118 (Disclosure of confidential information) of the Local Government Act. |
Information Act 2002 | Council’s legislative obligations. |
Local Government Regulations | |
P04 Asset Management Policy | Council’s policy for implementing consistent asset management processes. |
P90 Privacy Policy | Council’s policy related to collection, storage, use and disclosure of personal information. |
P66 Records Management Policy | Council’s policy relating to the management of records, including those held on Council ICT resources. |
P06 Conflict of Interest Policy | Council’s policy relating to conflict of interest and how it is managed. |
P26 Assets and Portable and Attractive Items Policy | Responsibilities of Council staff in relation to maintenance of the asset and portable items. |
SP01 - Code of Conduct (Employees) | Behaviour and values to be followed for all Employees. |
P78 Cyber Security Policy | Council’s policy for managing the confidentiality, integrity and availability of its information assets. |
Delegations Register | A register of all delegations made by the Council or the CEO. |
Any Published ICT Procedures |
Council provides access to its ICT resources to users for conducting Council business.
All ICT resources including hardware and software purchased with Council funds and content held on ICT devices are the property of Council.
Electronic communications created, sent or received using Council email systems are the property of the Council and may be accessed by an authorised person or their delegate in the case of an investigation. This includes investigations following a complaint or investigations into misconduct.
Electronic communications may also be subject to discovery in litigation and criminal investigations. All information produced on users’ computers, including emails, may be accessible under the Information Act (2002).
As a user of Council’s systems, users are permitted to use Council’s technology and information assets required to perform work duties. This includes access to specific facilities, devices, servers, software and databases, telephony, email, voicemail systems and the internet. Users have a reasonable expectation of privacy and protection from abuse and intrusion from other while using Council’s resources.
A user is responsible for knowing and understanding the policies in place for Council, and their associated responsibilities. In instances, an action may be technically possible, but may be a breach of this, or other, policy. Council employees are trusted and empowered to recognise unacceptable use of ICT assets and are responsible for reporting policy violations.
All users are expected to take reasonable precautions to protect the Council’s and the community’s information, system, and facilities. Councils expectation for reasonable precautions include:
Installation of privately purchased and owned ICT resources, on Council ICT resources is not permitted. All software installed on the device at the time of delivery to the user is to be considered essential. Removal of any such software is prohibited.
Modification of ICT resources or configuration is prohibited.
Under no circumstance is a user authorised to use Council’s ICT resources to engage in any activity that is illegal under State, Federal or International law. Access to Council resources is a privilege, not a right, and accordingly may be revoked if a user performs an unacceptable use of ICT resources. Council’s ICT resources must not be used:
Occasional personal use is permitted on an infrequent basis, must be brief and only carried out in the user’s own time during breaks. Personal use must not:
Usage charges for mobile ICT resources are subject to periodic monitoring. Excessive data usage over the assigned plan will result in additional costs being passed on to the user of the device.
To protect our network, servers, data and/or to comply with legal or regulatory requirements, Council reserves the right to log, intercept, interrogate and otherwise capture data created or received by Council resource users. Council reserves the right to perform forensic examination of Council devices and accounts if required.
Any identified potential security incidents, breaches and spoofing emails must be reported immediately to a users’ supervisor and the ICT department.
Information security incidents may include but are not limited to:
Date | Details |
1 December 2022 | Adopted Policy (OC024/2022) |
25 November 2022 | Policy reviewed and adopted (OC108/2022) |
24 November 2023 | Policy reviewed and updated (OC154/2023) |