Information and Communication Technology Policy

PURPOSE

This policy details the parameters of Information, Communications, and Technology (ICT) access and help for staff, students, contractors, and visitors at Leaders Institute (LI).

SCOPE

All staff, students, prospective students, contractors, and visitors

PRINCIPLES

ICT services support all LI's activities. The Institute ensures that:

• appropriate training is provided during staff induction and student orientation, tutorials, study skills workshops, and other programs regarding LI's Learning Management System, as well as other ICT software, such as Microsoft Office and Turnitin;

• students have access to learning support services consistent with the requirements of their courses, modes of study, and learning needs. This includes arrangements for supporting and maintaining contact with students who are off campus or studying online;

• students are aware of all support mechanisms to ensure they maximise LI's ICT services for their learning and are used for the correct means;

• all non-current staff and student accounts are deleted to safeguard security and ensure that data and space is used efficiently;

• students enrolled in an LI course have ICT access and support for the duration of their enrolment;

• student email addresses and ICT accounts are created for the purposes of all official communication between students and LI. LI is responsible for protecting the privacy of student information and communications as required by the Privacy Act 1988. It is the responsibility of the students to activate their account once enrolment has been confirmed and maintain security of their personal information including for assessments.

• all staff and enrolled students have access to the LI online learning management system and library resources;

• timely internet and computer access are provided to all staff and students at LI campuses.

Acceptable Use of ICT Resources

LI requires all users of its ICT resources to do so in an authorised, responsible, ethical, equitable, and legal manner in accordance with LI's Code of Conduct Policy and other LI policies. The use of LI's ICT resources is subject to Australian laws. This includes, but is not limited to, copyright, breach of confidence, defamation, privacy, contempt of court, bullying, cyber-bullying, harassment, vilification, anti-discrimination, willful damage, and computer hacking.

PROCEDURES

The ICT Manager creates temporary passwords and accounts for all students prior to the commencement of semester. It is the responsibility of staff and students to activate their accounts. Assistance is provided by the ICT Manager as required.

Emails

• Staff and students are allocated an email account that has a storage capacity of 15GB. Users receive automated alerts when usage of the email storage approaches and exceeds 95% of the storage limit.

• When the above situation takes place students will not be able to send email but will continue to receive email;

• When the capacity reaches 100%, students will not be able to receive or send email;

• Students should contact the ICT Manager to help them archive their emails if required;

• Students should contact the ICT Manager for all password resets to their accounts.

Inappropriate Use of ICT Resources

Staff or students who undertake the following are in breach of the lawful use of LI's ICT resouces:

• directly or indirectly breaching a Commonwealth Law or State Law;

• directly or indirectly breaching LI's Code of Conduct Policy;

• disregarding or disobeying the lawful direction provided by the appropriate authorities;

• sharing access to the nominated ICT resources or facilities without the consent of the ICT Manager or delegated representative;

• accessing, receiving, downloading, displaying, or transmitting unacceptable material via media, including sharing through personal media storage devices such as external USB sticks, hard drives, etc. while using LI's ICT network;

• acting in a manner that compromises the security, confidentiality, integrity, and availability of ICT resources and facilities. This includes, but is not limited to, purchased or commercial software, sound, graphics, images, or datasets; shareware; freeware; and electronically stored documentation and the media that holds it. This includes online services (i.e. software-as-a-service) licensed to LI.

Notifying and Handling of Breaches

Users who become aware of a possible breach of this policy must report it to the ICT Manager or delegated representative. Breaches of this policy, as well as outstanding student fees and charges, may result in having an ICT account disabled. Staff or students who have their ICT account disabled have the right to access the relevant grievance policies.

LI will report illegal activities and corrupt conduct to appropriate authorities. All ICT usage may be recorded for the purpose of security and risk management.

Cybersecurity Risk Management

Cybersecurity controls are in place to help reduce cybersecurity risk by either reducing the likelihood or impact of an incident, or both. LI will identify and treat cybersecurity risk through the following processes:

• keep and maintain a register of key information assets;

• the ICT Manager shall use the established framework for performing cybersecurity risk assessments;

• incorporate cybersecurity risk identification and assessment into processes impacting the use and processing of LI resources and systems;

• maintain a register of cybersecurity risks with related controls;

• review risks at regular intervals, including significant security incidents, threats, or potential changes to business requirements;

• implement and strengthen controls to reduce risk;

• evaluate the effectiveness of controls.