The following links provide access to relevant University IT policies and procedures. It is important to be familiar with the policies that apply to you.
|Policy name||Summary of contents||Target audience|
|Information Security Policy||
The purpose of the Information Security Policy is to describe the University’s approach to protecting its digital information assets and to inform staff, students, contractors and associated third parties of their respective obligations and responsibilities. The document provides a high level overview of areas including; Information Security Management Framework, Roles and Responsibilities, Information Asset Classification, Network and Communications, Physical Controls and IT DR.
All users required to access any digital information asset owned or controlled by the University.
|IT Asset Management Policy||
The IT Asset Management Policy provides guidelines relevant to all IT assets purchased by the university. The policy covers the asset management lifecycle, including acquisition, identification, and security of assets and disposal of hardware, software and media. The policy references other documents such as the Purchasing Policy and the Asset Disposal Procedures.
All users involved in management of IT assets, and asset users.
|IT Acceptable Use Policy||The IT Acceptable Use Policy outlines the acceptable use of Flinders University Information Technology (IT) Resources by all users and the unacceptable use that would expose the University to risks that include loss of confidentiality, damage to reputation, malware attacks, compromise of network systems and legal issues. The policy covers use of IT resources, the internet, email, collaboration and personal use.||All users of IT facilities and IT resources managed by the University.|
|Secure Mobile Computing Policy||The Secure Mobile Computing Policy outlines the requirements and expectations of any user who is allocated a Mobile Computing Device by the University including (but not limited to), staff, students, contractors, and third parties. The policy covers physical security of devices and mobile data protection.||All users allocated a mobile computing device by the University.|
|IT Disaster Recovery Policy||The IT Disaster Recovery Policy outlines the principles and requirements for the IT Disaster Recovery plans.||ITS staff and business application owners.|
|Identity and Access Management Policy||The Identity and Access Management Policy outlines the way the University manages access to IT resources owned or controlled by the University. The policy outlines the requirements relating to FANs, physical and logical access to Flinders and other Institutes' IT resources, authorisation and system access reviews.||All users that have reason to access any IT resource owned or controlled by the University.|
|IT Application Acquisition and Development Policy||
The IT Application Acquisition and Development Policy defines the conditions for the acquisition, development, implementation and maintenance of new IT Applications by the University.
|All users involved in the IT application development and acquisition for the University.|
|Mobile Services Policy||The Mobile Services Policy establishes rules governing the purchase and use of mobile services and devices owned and / or managed by the University. The policy covers the responsibilities of ITS, the Heads of Faculty / School / Portfolio and mobile service users.||All users with a University Mobile Service.|