Associate Handbook 2018

10.26 Information Technology – Policy Statement

All IT resources are provided to Associates for Company business only. All network, software, internet and email usage is recorded and / or monitored by the IT department and therefore Associates should not expect any activity to be for private viewing only. Misuse of IT includes, but is not limited to, engaging in any illegal or wrongful conduct; infringing the copyright or other intellectual property rights of third parties; placing unlawful information on a system; distributing defamatory fraudulent or harassing messages; use abusive language in either public or private messages; install or delete any software on their computers, make changes to PC configuration or hardware without obtaining advance permission from the Information Technology department; and failing to prevent unauthorised access to IT resources.

All Associates are expected to be familiar with and comply with the following guidelines:

 Technology End User Security Standard Guideline

Laptop Security Policy



Information Technology Security Policy



Email policy



10.27 Information Security – Policy Statement

The purpose of this Information Security Policy is to protect information assets from all threats, whether internal or external, deliberate or accidental, to ensure business continuity, minimize business damage and maximize return on investments and business opportunities. All information that is sensitive, critical, or is of commercial value to the Company should be protected. Information takes many forms and includes data printed or written on paper, stored electronically, transmitted by post or using electronic means, stored on tape or video, or spoken in conversation.

It is the Policy of the Company to ensure that:

 information is protected from a loss of confidentiality, integrity and availability

 regulatory and legislative requirements are met

 all Company laptops are encrypted and that encrypted USB devices should be used as recommended

 business continuity plans are produced, maintained and tested

 information security training is available to all Associates; and

 breaches of information security, whether actual or suspected, are reported to, and investigated by, the local Information Security Manager

All Associates are required to be familiar with and comply with the following guidelines:

Information Technology Security Policy

