|
|
|
|
|
|
F/1.1 Provision and use of information resources and services |
||||||||||||||||||||||||||||||||||||
1.1.1 Framework for allocation of information resources and services 1.1.1 Framework for allocation of information resources and servicesThe University provides students and staff with information resources and services to assist them in achieving their teaching, learning, research and community service goals. This commitment includes access to a range of print and electronic information resources and services provided through the University's information technology infrastructure and the QUT Library. The University has a responsibility to ensure that information technology and resources are aligned with its business and deliver value to the organisation through the appropriate allocation of resources, adequate assessment of security and mitigation of risk. Performance on information management activities should be measurable. To appropriately allocate these resources, and address security and other risks, the University has established a process by which access to corporate physical and virtual information resources and infrastructure is granted. Provision of information resources and services by faculties and divisions is outlined in individual Client Charters which specify service standards. 1.1.2 Use of QUT information resources and servicesWith the rapid development of academic and research networks in Australia and internationally, staff and students of the University have ever-increasing communications capability. This capability brings with it certain responsibilities and QUT has adopted rules for the use of information facilities (see Appendix 1(c) ). In particular, Schedule 1 (Acceptable Use of Information Facilities) of the Information Facilities Rules aims to promote ethical and responsible use of the University's information facilities and applies to all staff and students. Information systems provided by the University, whether within faculties or divisions, may only be used in support of QUT's teaching, research, administration and service activities. QUT's commitment to professionalism, ethical practices, equity and social accountability implies a duty of care in relation to the use of information resources. Finite resources are applied to information facilities, and their use for University purposes must not be diminished by use for other purposes. QUT also has a continuing concern with its image and reputation, including that which is conveyed on information networks. Therefore, QUT is committed to procedures which:
QUT routinely logs network activity and may use this information to investigate faults, security breaches and unlawful activity (see F/1.2.7 ). 1.1.3 Responsibilities relating to provision of information resources and servicesDeputy Vice-Chancellor (Technology, Information and Learning Support) The Deputy Vice-Chancellor (Technology, Information and Learning Support) is responsible for the provision of information resources and services to the University community. The Division of Technology, Information and Learning Support provides central support for the academic functions of QUT faculties, and technological support for communication and administration within all areas of the University. Information Technology Governance Committee Information Technology Governance Committee is responsible to the Vice-Chancellor for monitoring and reviewing University direction and strategic deployment of information technology infrastructure. Full details of the Committee's terms of reference and membership are found in F/1.7 . Data custodians Whilst QUT owns the data in the information systems used to support the University's business processes, a nominated data custodian has primary responsibility for the management and control of data sourced from their business area. Data custodians are senior managers responsible for:
Data custodians are expected to monitor and evaluate business processes to ensure that these are consistent with best practice principles for data management, and are responsible for approval of the 'rules' which are used to determine user access to information resources and services (though this approval can be delegated to another officer in the business area). Further information on the role and responsibilities of data custodians can be found in guidelines approved by the Deputy Vice-Chancellor (Technology, Information and Learning Support). 1.1.4 Approved defined rolesQUT allocates access to information services and resources based on approved defined roles. These roles determine the services and resources which a user may access. Any new categories of users or roles are determined in accordance with QUT's provisioning guidelines approved by the Deputy Vice-Chancellor (Technology, Information and Learning Support). A data custodian (or delegate), in determining approved defined roles and consequential access to services or resources, must take into account business needs and risks, information security and privacy requirements (refer to F/1.2 and F/9.1 for further details) and other relevant matters such as technical requirements and constraints. The following persons are entitled to use a range of information resources and services based on their approved defined role, provided that they abide by the Information Facilities Rules , this policy and authentication requirements:
Rights to use the information resources and services of the University are non-transferable, unless specifically authorised by the Deputy Vice-Chancellor (Technology, Information and Learning Support). The University permits members of the public to use physical resources such as the QUT Library, including the on-line library catalogue. The University may also permit use of information technology systems and facilities by members of the public subject to the provisions of the Telecommunications Act 1997 (Cwth). The University may apply charges for use of information resources and services in accordance with its user charging policy (see G/8.1 ), and fees designated under the Information Facilities Rules (see Appendix 1(c) ). 1.1.5 Acquisition of information technology and software licensing agreementsThe provision of information resources and services requires the acquisition of information technology hardware and software and the development of significant infrastructure. Expenditure of funds on information technology acquisition should be aligned with QUT's planning processes and priorities, including the Asset Management Plan, and should be consistent with policies and procedures relating to information technology and purchasing. In addition, acquisitions of information technology and software licences must be considered in the broader context of QUT's information technology deployment, to determine any significant implications raised by the acquisition. The Deputy Vice-Chancellor (Technology, Information and Learning Support) is responsible for the development of protocols to enable the assessment of any broader implications of an acquisition to be undertaken by relevant staff of the Division in conjunction with the area proposing the acquisition. Where necessary, the Deputy Vice-Chancellor (Technology, Information and Learning Support) may specify that the project to which the acquisition relates must be added to the Information Technology Project Register, to address risk and to ensure that the project to which the acquisition relates is managed appropriately. Subject to compliance with the above, acquisitions may be approved by relevant officers up to the officer's expenditure limit. For further details refer to Appendix 3 Schedule of Authorities and Delegations . Related DocumentsTelecommunications Act (Cwth) 1997 MOPP Appendix 1(c) - Information Facilities Rules MOPP F /1.2 Information systems security policy MOPP F/9.1 Privacy policy MOPP G/8.1 User charging policy Modification History
|
