Sustainability Victoria (SV) is highly reliant on the information that is gathered, processed and stored on its information and communications technology (ICT) systems.
The purpose of this policy is to give a clear statement to all external ICT users of their responsibilities in maintaining an effective, secure and available ICT environment. Use of SV ICT systems is deemed as acceptance of this policy.
This policy applies to all external SV stakeholders who have been granted access to SV ICT systems (Users).
The policy applies to all devices that can be connected to the SV network, including but not limited to:
This document will be reviewed every 12 months and any approved changes that are made will be reflected in the document change control section. Changes may also be made in the event that there are significant changes in SV ICT that require usage procedures and/or guidelines.
SV is bound by the:
It is the responsibility of all Users to read, understand and comply with this policy. Users should notify SV if they are aware of any breaches of this policy being committed by other persons.
It is a condition of use of the SV ICT network that Users agree to familiarise themselves and comply with this policy. Any use of the ICT network is deemed acceptance of this Policy.
SV's ICT systems are tools to be used for the purpose of SV work-related activities.
Users of SV ICT environment and systems must not create, send, store, access, use, solicit, publish or link to:
SV's ICT systems must not be used for any illegal activity such as creating, accessing or sending chain letters, pyramid schemes, spam, or attacking other computer systems. Any file sharing software (i.e. BitTorrent) is not permitted.
SV ICT systems are not permitted for downloading or storage of music or video content except where it is deemed for the purpose of SV work-related activities.
All intellectual property in all material created by Users using SV's ICT systems is immediately assigned to SV on creation.
Users are not to use SV ICT to infringe any intellectual property.
Users must not deliberately corrupt or destroy SV ICT facilities.
Users must not install or connect unapproved hardware to SV's network.
Use of SV ICT facilities is subject to the full range of laws that apply to other communications. Users must not:
All individuals who require access to SV's ICT systems must be properly identified by means of a unique account and verified by an authentication process using their network login credentials.
SV User accounts will be locked out if 3 invalid login attempts have been made and will be unlocked on request by lodging a request by calling the SV Helpdesk.
Ongoing Users are required to change their passwords every 60 days. A pop-up notification will automatically be generated 5 days before the password expiry date. Users should follow the prompts to change their password before the expiry date to prevent the account being locked out.
Users are expected to keep their account details private and secure. Sharing of passwords or making passwords visible may be considered a breach of this Policy.
Users will maintain the confidentiality of information they have access to.
Users may have their access suspended immediately where there is a suspected breach of SV policy (this Policy, or any other).
Users acknowledge that all electronic data is subject to the same record management and freedom of information requirements as paper-based equivalents and must be treated as such.
Users are responsible for any applicable data charges based on the User's connection as determined by their respective Internet Service Provider (ISP).
When Users no longer have a relationship with SV, their account will be disabled at SV’s discretion.
SV will take reasonable steps to protect its ICT environment and data from unauthorised and unacceptable use and ensure that accurate and complete information is accessible only to authorised Users.
Users are expected to take reasonable steps to help protect SV's ICT environment.
Users must not allow another person to utilise their Username and Password combination.
Similarly, a User must not attempt to initiate or operate a computer session by using another person's Username and Password.
Username and password combinations are considered as a User's identity, much the same as a PIN or internet banking password. As such these should be protected against identity theft.
Depending on the nature of the inappropriate use of SV ICT systems, non-compliance with this Policy may result in termination of use of SV ICT systems or termination of contract (if applicable).