|Subject:||Appropriate Use Policy for Information Technology|
|Date Issued:||Policy issued January 8, 2010|
|Effective Date:||February 8, 2010|
|Affected Entities:||Campus Community|
|Responsible Entity:||Vice President of Instructional and Information Technology|
|Revisions, if any:||This policy supersedes Interim Appropriate Use Policy for Information Technology date adopted June 3, 2002|
The purpose of this Policy is to help ensure reliable and proper user access to Cal Poly Pomona Information Technology (University IT) resources and the lawful use of these resources.
This Policy applies to all users of University IT resources. There is no intent to infringe on other University policies, procedures and documents including, but not limited to, Academic Freedom, Intellectual Property and Contract agreements. In the case of detected misuse, intentional or otherwise, it may be necessary to suspend the use of University resources for an individual user until the integrity of service for all University users is restored. Access will not be revoked without cause.
Appropriate use of University IT resources shall:
Use of the University’s IT resources requires that the user must:
The responsibility for implementing and interpreting this Policy resides with the Vice President of Instructional and Information Technology (I&IT) and authorized designees. Interpretations and disciplinary referrals shall be done in consultation with relevant administrative units, bargaining units, law enforcement agencies, and individuals. Questions regarding this Policy should be directed to the office of the Vice President of I&IT. Implementation includes actions taken by the VP of I&IT or an authorized designee to uphold the intent of this Policy. Such actions include the following:
1) Creating and maintaining procedures to support the intent of this Policy.
2) Enforcement of the intent of this Policy.
3) Requiring specific training and/or granting permissions for the use of IT resources.
4) Entering into agreements on behalf of the University with third parties to ensure the integrity of University IT resources.
In no case shall any action be contrary to any other University policy, contractual agreements or bargaining unit agreements. Any procedure developed by a department, college, school, or division must conform to the policy in this document. Copies of this document shall be available online.
The Vice President of I&IT is authorized to take actions necessary to ensure the availability and integrity of campus information resources. This may include temporarily disabling a user’s access when there exists evidence that user’s actions represent inappropriate use as defined in this Policy and impacts other users and/or the integrity of data or systems. When this is necessary, the user will be contacted and advised of the Policy and specific inappropriate actions. Access will be restored quickly once the Policy violation has been resolved. The Vice President of I&IT may refer repeated, intentional, or egregious violations to the appropriate office under existing procedures for consideration of corrective/disciplinary action.
Inappropriate use may be brought to the attention of the Vice President of I&IT by technical staff, other members of the campus community, or off-campus entities (e.g., when an off-campus system is being attacked by a computer on the campus or attached to the campus network). The Vice President or designee is required to respond to such complaints. Investigation of complaints occasionally requires the inspection of a user’s computer or files. When proper cause exists, authorized system administrators, when authorized by the Vice President of Instructional and Information Technology, will inspect content only as required for purposes of the investigation.
Violation of Policy
Violation of the Appropriate Use Policy for Information Technology could also subject the employee to additional training/reprimands/corrective action which may be placed in the Official Personnel File. Violation may also result in disciplinary action, which may only be administered in a manner consistent with the terms of the applicable collective bargaining agreement in accordance with the applicable provisions of the California Education Code.
A student who violates university policies or regulations is subject to disciplinary action as prescribed in the student code of conduct.
Non-student/non-employee violations of the Appropriate Use Policy for Information Technology could also subject the user to temporary or permanent disabled IT access and other administrative remedies, as deemed appropriate.
The University is not responsible for loss of information from computing misuse, malfunction of computing hardware, malfunction of computing software, or external contamination of data or programs. The staff in Instructional and Information Technology and all other system administrators must make every effort to ensure the integrity of the University’s computer systems and the information stored thereon. However, users are advised that no computer or computer network is inherently private and that no security or back-up system is 100% reliable.
Use of University IT resources not contrary to the intent of this Policy.
Individual(s) authorized by either posted job description or recorded written assignment by the President and/or the Vice President for I&IT to enforce the intent of this Policy.
Data or information and the software and hardware that make that data or information available to users.
An action against the intent of this Policy. Examples of misuse include the following:
Personal purpose as defined by California Government Code, Section 8314 means “those activities the purpose of which is for personal enjoyment, private gain or advantage, or an outside endeavor not related to state business. Personal purpose does not include the incidental and minimal use of public resources, such as equipment or office space, for personal purposes, including an occasional telephone call.”
As used in this document, University includes the campus community, students, auxiliaries, contractors, and other outside organizations that use our equipment, software, and /or databases.
University IT resources encompass software, hardware, networks and data owned and/or licensed by the University.
Use is defined to be the operation of University IT resources. This includes direct operation of University-owned hardware or software. It also includes transmission of data across the University’s network infrastructure regardless of ownership of the sending/receiving device
Someone who makes use of University IT resources is the user.
President J. Michael Ortiz
February 8, 2010