• Section 1 - Preamble
• Section 2 - Purpose
• Section 3 - Scope
• Section 4 - Policy
• University User Account Responsibilities
• Use of Information and Communication Technology (ICT) Resources
• Acceptable Use of Electronic Mail
• Incidental Personal Use
• Use of ICT resources for Approved Activities
• Monitoring and Detection
• Section 5 - Non-compliance

Section 1 - Preamble

(1) Charles Darwin University (CDU) provides Information and Communication Technology (ICT) to support its functions and activities and is committed to ensuring those resources are used in a transparent and accountable manner. All members of the University community have a responsibility to use University ICT resources in a manner consistent with this commitment. Failure to meet this commitment may result in the introduction of threats that may impact the productivity, security and reputation of the University.

Section 2 - Purpose

(2) This policy clearly articulates the expectations for the acceptable use of the University’s ICT systems.

Section 3 - Scope

(3) This policy applies to all University staff and students, and any other members of the University community, including honorary appointees, visitors and volunteers, granted access to the University’s ICT systems.

(4) This policy also applies to all clients of ICT equipment under the management and control by the University, and all equipment connected to the university data and voice networks.

Section 4 - Policy

University User Account Responsibilities

(5) Users are responsible for any activity, transaction or publication of information which originates from their university account. A user must not perform any act that prejudices the security of their university user account including disclosing their password to any other person or allowing another person to use their account.

(6) Users who inadvertently receive or access unacceptable material must take immediate action to either delete such material or cease such access. Advice should be sought from the user’s supervisor or from the ITMS helpdesk if unacceptable material continues to be received.

Use of Information and Communication Technology (ICT) Resources

(7) The university provides ICT resources to support its for education, research and work purposes and expects that these resources will only be utilised for the appropriate and legitimate performance of these activities. Acceptable use of the university’s ICT resources is any use that is:

1. consistent with Commonwealth, state and territory laws;
2. meets expectations of the relevant codes of conduct;
3. compliant with any lawful direction provided by a university officer or an authorised office under the Charles Darwin University Act 2003; and
4. maintains the security of the university’s ICT resources and facilities.

(8) Unacceptable use of the University ICT resources is any use that:

1. breaches any Commonwealth, state and territory laws;
2. breaches the university’s behavioural expectations, including not complying with the Staff Code of Conduct or the Student Code of Conduct;
3. disobeying any lawful direction provided by a university officer or an authorised officer under the Charles Darwin University Act 2003;
4. includes receiving, accessing, downloading, displaying, transmitting and/or making unacceptable material via any media including personal storage devices connected to a university network;
5. overloads or monopolises ICT resources in a manner which adversely affect other users, including unauthorised sending of electronic messaging to a large number of recipients that may initiate a service disruption;
6. breaches the University’s expectations regarding personal responsibility for a user’s account;
7. acts in a manner that compromises the security, confidentiality, integrity and availability of ICT resources;
8. contravenes software End User Agreements including copying software without authorisation from the copyright holder; and/or
9. constitutes excessive personal use of ICT resources.

Acceptable Use of Electronic Mail

(9) Access to a University email account is provided for the purpose of sending and receiving emails related to the performance the user’s work, studies or university responsibilities. The use of University email services becomes a formal corporate record of the University and is governed by relevant legislation, by the University’s stated values and standards of professional conduct.

(10) Users of University email services are expected to respect the standards of courtesy and professionalism that apply to all University communications and to avoid aggressive or abusive messages, messages that could reasonably be viewed by others as offensive or objectionable, or messages containing content that is obscene.

Incidental Personal Use

(11) The university recognises that ICT resources may be used for incidental personal use. Incidental use must be infrequent and minor and must not breach this policy or interfere with university operations and must not interfere with the performance the user’s work, studies or university responsibilities. Incidental personal use does not include the following:

1. maintaining or supporting a personal private business;
2. recruitment of members to, or soliciting donations for, political parties or religious groups;
3. transmission, viewing or publication of unacceptable material;
4. publication of internet sites or pages unrelated to university activities;
5. personal observations using inappropriate or offensive language or images;
6. downloading, uploading, accessing or sharing copyright material and media; and
7. any malicious or unlawful purpose.

Use of ICT resources for Approved Activities

(12) The university acknowledges that, as part of their employment or studies, staff and students may be required to use ICT resources to access unacceptable materials. Users must ensure approval for such activities is provided by the relevant Dean or Head of Division and subsequently registered with ITMS prior to access or use occurring.

Monitoring and Detection

(13) The university routinely captures and inspects data stored or transmitted on the University’s ICT facilities when investigating system problems or potential security violations. This data is used to maintain system security and integrity and to prevent, detect or minimise unacceptable behaviour and may include information relating to user activity, including email and internet usage, file operations and content stored on connected storage devices.

Section 5 - Non-compliance

(14) Non-compliance with Governance Documents is considered a breach of the Code of Conduct - Staff and Code of Conduct - Students, as applicable, and is treated seriously by the University. Reports of concerns about non-compliance will be managed in accordance with the applicable disciplinary procedures.

(15) All staff members have an individual responsibility to raise any suspicion, allegation or report of fraud or corruption in accordance with the Fraud and Corruption Control Governance Framework, Fraud and Corruption Control Policy and Whistleblower Reporting (Improper Conduct) Procedure.