Information Technology

Usage Policy
Ver 2.0

The integrity of Minconsult Intellectual Property, Data and the supporting Information
Technology (IT) Infrastructure is vital to the success of Minconsult

IT Department
March 2019
Overview
This document identifies the Minconsult Information Technology (IT) Policy for Acceptable use of IT
Resources to ensure the integrity, security, confidentiality and availability of Assets, Applications and
Data.
This Policy applies to all Users of Minconsult IT Resources (employee, contractor, etc.).

Scope
This policy includes but is not limited to:
Data & Intellectual Property: All Minconsult electronic data; created, saved, stored, archived or
deleted.
Infrastructure: Minconsult IT services including: Networking, Servers, Data storage, cabling and
associated peripherals.
Hardware: All Minconsult IT provided Hardware including:
 Computers and peripherals, printers, plotters, scanners and other network connected devices.
 Mobile Devices - Phones, Tablets, Laptops, Storage devices such as USB drives or other media., etc.
 Fixed IT Assets –wired and wireless Telephones, Time Reporting Equipment, CCTV and other
monitoring equipment including conference and meeting room equipment.

Governing Rules:
 Treat others with Respect.
 Use IT Infrastructure in a productive manner. Be aware of the applications and tools available
and utilize as appropriate.
 Keep aware of Security Issues in order to understand, recognise, and report threats, risks and
incidents. Stay current through discussions, training courses, seminars, articles, etc.
 IT Infrastructure is intended for work related activities. Incidental personal use if limited in
duration is acceptable if it does not interfere with work activities.
 Be aware that your communications will reflect on Minconsult’s reputation.
 Minconsult IT resources / networks are monitored and files / correspondence may be analysed
and evaluated if required.
 Identify to your manager or the IT Manager if you believe someone is misusing Minconsult
information or IT Assets.
 Misuse or inappropriate use may result in disciplinary action.

1 IT Assets
1.1 Respect Company IT Assets. User is responsible for the safe upkeep of IT Assets assigned to them.
1.2 IT assets are to be used for work. Use responsibly, ethically, professionally and lawfully.
1.3 Keep assigned devices safe and secure and immediately report any loss or damage of equipment.
1.4 Assets remain the property of Minconsult and must be surrendered when requested.

2 Password Security
2.1 Security of your User credentials / passwords is your responsibility. Use Secure passwords
2.2 Only logon to Minconsult systems using your own credentials. If you require access to a system /
service that you do not have access to; contact your manager.
2.3 Log out or Lock devices when not in use.
3 Confidentiality
3.1 All Users are responsible to protect Minconsult intellectual property.
3.2 Ensure that all information created is used, shared and disposed of in line with business need and in
compliance with IT Policy.
3.3 Only access data that you have a valid business need for.
3.4 Use caution when callers or e-mails request information. When in doubt contact your manager.
3.5 Be careful in public areas when conducting Minconsult business.

4 Data Integrity
4.1 Comply with the Minconsult Security Regulations in managing Minconsult information.
4.2 Ensure you have proper authorization before you attempt to access, amend, delete or disseminate
another Users files, emails, communications or data.
4.3 Files, data created, updated and used within the company systems is the property of this company and
it is every employee’s responsibilities to ensure that is not misused, leaked or shared without proper
authorization.
4.4 Portable devices and storage systems leaving site must be encrypted.

5 Personal Use
5.1 You are personally accountable for what you do with Minconsult technology – use it responsibly,
professionally, ethically and lawfully.
5.2 Ensure that any personal information stored is appropriate and understand that the storing of personal
information on Minconsult devices and systems is a privilege and Minconsult has the right to require
removal should this data interfere with business activity or use.

6 Appropriate Use
6.1 IT Systems are intended for Minconsult work related activities.
6.2 Only download and store media files that are relevant to your work activities.
6.3 Ensure activities do not damage the reputation of Minconsult, its employees or the public. This
includes creating, accessing, storing, transmitting or distributing links to material that:
 Could embarrass or compromise Minconsult in any way.
 Is obtained in violation of copyright or used in breach of a licence agreement.
 Can be reasonably considered as harassment of or insulting to others.
 Is offensive, indecent or obscene.
 Is for personal gain or on behalf of external groups.
 Solicits or promote religious, political or other non-business-related causes, unless authorised.
 Provides unauthorised views or commitments that could appear to be on behalf of Minconsult.
6.4 Avoid any illegal activities or any form of gaming, lotteries or, betting.

7 Infrastructure Security
7.1 Only use approved devices including external drives and USBs when connecting to IT Systems.
7.2 Only use systems, applications, software and devices which are approved by Minconsult IT.
7.3 All requests to use new software must be approved by IT.
7.4 Do not use any applications and/or devices to circumvent management or security controls.
7.5 Do not use IT Equipment USB ports to charge personal devices as it may allow malware to enter
Minconsult systems. Use designated chargers.
7.6 Only IT can connect, configure or reconfigure IT Systems or Devices.

8 Email Practice
8.1 Your Minconsult email address is intended for business related activities. Occasional use for private
activity is acceptable if it does not impact your job function.
8.2 Know how to spot suspicious emails. Verify sender’s address. If unsure do not open, check with the IT
department.
 8.3 Use only appropriate language in messages, emails, faxes and recordings. Threatening, derogatory,
abusive, indecent, obscene, racist, sexist or otherwise offensive content is not acceptable.
8.4 Delete non-work-related emails (jokes, pictures, etc.) emails and attachments and avoid retransmission
of SPAM.
8.5 Respect third party email message integrity when forwarding (retain original unaltered content).
8.6 Only use your own identity in communications. Do not try to assume the identity of another user or
create or send material designed to mislead people about who originated or authorised it (alter
headers, scanned signatures, etc.).

9 Internet Usage
9.1 Use internet access responsibly, professionally, ethically and lawfully.
9.2 Minconsult security systems are in place to protect IT Assets avoid any attempt to bypass them.
9.3 Contact IT with requests to unblock a website if required.
9.4 Only use approved Minconsult social media accounts for official business.
9.5 Avoid placing sensitive Minconsult information onto online forums, blogs or social networking sites.
9.6 Be aware that social media content may be available for anyone to see for posterity.

10 Compliance
10.1 Immediately report any breach of this Acceptable Use Policy to your line manager or the IT Manager.
10.2 Managers are responsible for:
10.2.1 Ensuring that employees understand their responsibilities and consequences.
10.2.2 Monitoring employee compliance to this policy document.
10.2.3 Taking appropriate action if employee fails to comply.
10.3 Employees are responsible for ensuring that they understand and comply with their responsibilities as
defined in this policy.
10.4 If you are unable to comply with this policy or require use of technology which is outside of scope you
should discuss it with your line manager or escalate to IT for advice on available options.
10.5 Breaching this policy may result in disciplinary procedures (including criminal prosecution) which could
lead to dismissal.

11 Agreement
11.1 All Minconsult’s employees, temporary staff or contractors who have been granted the right to use the
company's IT infrastructure, are required to sign the Agreement confirming their understanding and
acceptance of this Minconsult’s Acceptable Use of IT Policy.