{dojo-tabs:theme=tundra}
{dojo-tab:title=Brief|selected=true}
|Title:|Acceptable Use of Information Technology|
|Publication date:|8/6/2014|
|Effective date:| Card |
---|
| Title: | Acceptable Use of Information Technology | Publication date: | 8/9/2024 | Effective date: |
| |
h2.BRIEF
h3.Policy Summary
This policy defines acceptable use of Laboratory Information Technology (IT) at Berkeley Lab. Acceptable use includes both business (official) use and incidental personal use, subject to restrictions. This policy also describes unacceptable use and sanctions.
h3.Who Should Read This Policy
* Employees and affiliates
* Other users of Laboratory IT, including collaborators
h3.To Read the Full Policy, Go To:
The POLICY tab on this wiki page
h3.Contact Information
Information Technology Policy Manager
Information Technology Division
[[email protected]|mailto:[email protected]]
{dojo-tab}
{dojo-tab:title=Policy}
|Title: |Acceptable Use of Information Technology|
|Publication date: |8/6/2014|
|Effective date: |3/20/2007|
h2.POLICY
h3.A. Purpose
This policy defines acceptable use of Laboratory IT at Lawrence Berkeley National laboratory (Berkeley Lab) to:
* Further the mission of Berkeley Lab
* Enforce compliance with applicable laws and regulations
* Protect the Laboratory from legal action
h3.B. Persons Affected
This policy applies to employees and affiliates and other users of Laboratory IT, including collaborators.
h3.C. Exceptions
Not applicable
h3.D. Policy Statement
# *Acceptable Use*
## *Business Use (Official Use)*
### Acceptable use is the use of Laboratory IT to accomplish tasks related to any Berkeley Lab role or position.
## *Incidental Personal Use*
### The Laboratory permits the incidental personal use of Laboratory IT. Incidental personal use is a privilege and the Laboratory may revoke or limit it at any time.
### *Requirements.* Incidental personal use of Laboratory IT must not:
#### Interfere with employment or other obligations to the Laboratory
#### Directly or indirectly interfere with the operation of Laboratory resources
#### Burden the Laboratory with noticeable incremental cost
#### Create a lasting association between the use and the Laboratory
#### Portray the Laboratory or its employees in an inappropriate or unbecoming manner
### *Expectation of Privacy.* Users have no expectation of privacy when they engage in incidental personal use of Laboratory IT.
### *Reimbursement.* If a system exists for reimbursements, users must reimburse the Laboratory for incidental personal use.
# *Unacceptable Use:* Users of Laboratory IT may not engage in unacceptable use. "Unacceptable use" includes, but is not limited to, use of Laboratory IT:
## In violation of applicable state, federal, Department of Energy, and University law or regulations, including copyright, licensing, or trademark laws
## In violation of Laboratory policy, including policies regarding [information categories and controls|https://commons.lbl.gov/display/rpm2/Controlled+and+Prohibited+Information+Categories]
## For personal gain or lobbying
## To access, store, copy, create, or transmit sexually explicit materials
## To gamble
## For harassment, retaliation, or discrimination, or in an inflammatory manner
## In a manner that can reasonably be expected to offend members of the community, embarrass the Laboratory, or otherwise result in a loss of public trust
## For gaining or attempting to gain unauthorized access to computers, networks, or other information resources
## For unauthorized manipulation, creation, or removal of information
## In a manner likely to cause harm to systems or networks
## To circumvent security controls on Laboratory IT or external systems
# *Sanctions:* Violation of this policy may result in restriction of access to resources, disciplinary action up to and including dismissal, loss of site-access privileges, and/or referral to federal or state law-enforcement authorities for criminal or civil prosecution.
h3.E. Roles and Responsibilities
Employees and affiliates and users of Laboratory IT are responsible for adhering to this policy.
h3.F. Definitions/Acronyms
|*Term*|*Definition* |
|Laboratory IT|Berkeley Lab-managed IT, including computing devices, networks, services, and accounts|
h3.G. Recordkeeping Requirements
None
h3.H. Implementing Documents
|*Document Number*|*Title*|*Type*|
|10.01.001.001|[Responding to Allegations of Copyright Infringement|https://commons.lbl.gov/display/cio/Responding+to+Allegations+of+Copyright+Infringement]|Procedure|
|10.01.001.002|[Responding to Inappropriate Use|https://commons.lbl.gov/display/cio/Responding+to+Inappropriate+Use]|Procedure|
h3.I. Contact Information
Information Technology Policy Manager
Information Technology Division
[[email protected]|mailto:[email protected]]
h3.J. Revision History
|*Date*|*Revision*|*By whom*|*Revision Description*|*Section(s) affected*|*Change Type*|
|8/6/2014|1.2|S.Lau|Review complete, 1 editorial change, update Next Review date|SRD|minor|
|6/19/2013|1.1|J.Bonaguro|Review complete, 1 editorial change, update Next Review date|D.2.d,e|minor|
|1/2/2012|1|J. Bonaguro|Rewrite for wiki|All|Minor |
{dojo-tab}
{dojo-tab:title=Document Information}
h2.DOCUMENT INFORMATION
|Title: |Acceptable Use of Information Technology|
|Document number|10.01.001.000|
|Revision number|1.2|
|Publication date: |8/6/2014|
|Effective date: |3/20/2007|
|Next review date:|8/20/17|
|Policy Area:|Information Technology|
|RPM Section (home)|Information Management|
|RPM Section (cross-reference)|9.01|
|Functional Division|Information Technology|
|Prior reference information (optional)|RPM, Chapter 9, Section 9.01|
h3.Source Requirements Documents
* DOE Order 200.1A, _Information Technology Management{_}, CRD Section 2.b
* DOE Order 205.1B, _Department of Energy Cyber Security Program{_}, CRD
* DOE Office of Science _Program Cyber Security Plan{_}, June 2010
* {color:#222222}Berkeley Lab Senior Management requirement{color}{anchor:800-53}{anchor:SP-800-53-Rev._3}
h3.Implementing Documents
|*Document Number*|*Title*|*Type*|
|10.01.001.001|[Responding to Allegations of Copyright Infringement|https://commons.lbl.gov/display/cio/Responding+to+Allegations+of+Copyright+Infringement]|Procedure|
|10.01.001.002|[Responding to Inappropriate Use|https://commons.lbl.gov/display/cio/Responding+to+Inappropriate+Use]|Procedure|
{dojo-tab}
{builder-show:group=rpm2-admins}
{dojo-tab:title=Additional Information}
h2.ADDITIONAL INFORMATION
|Title: |Acceptable Use of Information Technology|
|Document number|10.01.001.000|
|Revision number|1.2|
|Publication date: |8/6/2014|
|Effective date: |3/20/2007|
|Next review date:|8/6/2017|
|Policy Area:|Information Technology|
|RPM Section (home)|Information Management|
|RPM Section (cross-reference)|9.01|
|Functional Division |Information Technology|
|Author name/contact info|S. Lau|
| | |
|Revision 0 publication date|3/20/2007|
|Retirement date|n/a|
|Prior reference information (optional)|RPM, Chapter 9, Section 9.01|
| | |
|Inputs from more than one Functional Area?|No|
|List additional Functional Areas & contacts| |
| | |
|Inputs from more than one Policy Area?|No|
|List additional Policy Areas & contacts| |
| | |
|30-day notification needed?|No|
|30-day start date|n/a|
|30-day end date|n/a|
| | |
|LDAP protected?|No|
| | |
|Need TABL reminders?|No|
|Frequency|n/a|
|Brief reminder text:|n/a|
| | |
|Approval Sheet for this revision received (date) \\
\[Note: author is responsible\}| |
h3.Key labels/tags:
* Information Technology, Information Management
h3.New terms that need to be added to Glossary/Acronym list:
* Policy Area: Information Technology
** Laboratory IT: Laboratory Information Technology includes Berkeley Lab-managed computing devices, networks, services, and accounts
h3.Implementing Documents restricted to department/functional use
(optional – these will be used for tracing between requirements and associated documents)
|Document number|Title|
| | |
| | |
\\
*Side bars:*
Side bar 1 location (cite by Policy Section # - for example: Section D.2.a)
Sidebar 1 text:\\
\\
Sidebar 2 location
Sidebar 2 text:\\
\\
Sidebar 3 location
Sidebar 3 text:
\\
{dojo-tab}
{builder-show}
{dojo-tabs}This policy defines acceptable use of Laboratory Information Technology (IT) at Berkeley Lab. Acceptable use includes both business (official) use and incidental personal use, subject to restrictions. This policy also describes unacceptable use and sanctions. - Employees and affiliates
- Other users of Laboratory IT, including collaborators
The POLICY tab on this wiki page Information Technology Policy Manager Information Technology Division [email protected] |
Card |
---|
| Title: | Acceptable Use of Information Technology | Publication date: | 8/9/2024 | Effective date: | 3/20/2007 |
This policy defines acceptable use of Laboratory IT at Lawrence Berkeley National laboratory (Berkeley Lab) to: - Further the mission of Berkeley Lab
- Enforce compliance with applicable laws and regulations
- Protect the Laboratory from legal action
This policy applies to employees and affiliates and other users of Laboratory IT, including collaborators. Not applicable - Acceptable Use
- Business Use (Official Use)
- Acceptable use is the use of Laboratory IT to accomplish tasks related to any Berkeley Lab role or position.
- Incidental Personal Use
- The Laboratory permits the incidental personal use of Laboratory IT. Incidental personal use is a privilege and the Laboratory may revoke or limit it at any time.
- Requirements. Incidental personal use of Laboratory IT must not:
- Interfere with employment or other obligations to the Laboratory
- Directly or indirectly interfere with the operation of Laboratory resources
- Burden the Laboratory with noticeable incremental cost
- Create a lasting association between the use and the Laboratory
- Portray the Laboratory or its employees in an inappropriate or unbecoming manner
- Expectation of Privacy. Users have no expectation of privacy when they engage in incidental personal use of Laboratory IT.
- Reimbursement. If a system exists for reimbursements, users must reimburse the Laboratory for incidental personal use.
- Unacceptable Use: Users of Laboratory IT may not engage in unacceptable use. "Unacceptable use" includes, but is not limited to, use of Laboratory IT:
- In violation of applicable state, federal, Department of Energy, and University law or regulations, including copyright, licensing, or trademark laws
- In violation of Laboratory policy, including policies regarding information categories and controls, and the Lab’s Prohibited and Inadvisable Products list
- For personal gain or lobbying
- To access, store, copy, create, or transmit sexually explicit materials
- To gamble
- For harassment, retaliation, or discrimination, or in an inflammatory manner
- In a manner that can reasonably be expected to offend members of the community, embarrass the Laboratory, or otherwise result in a loss of public trust
- For gaining or attempting to gain unauthorized access to computers, networks, or other information resources
- For unauthorized manipulation, creation, or removal of information
- In a manner likely to cause harm to systems or networks
- To circumvent security controls on Laboratory IT or external systems
- Sanctions: Violation of this policy may result in restriction of access to resources, disciplinary action up to and including dismissal, loss of site-access privileges, and/or referral to federal or state law-enforcement authorities for criminal or civil prosecution.
Employees and affiliates and users of Laboratory IT are responsible for adhering to this policy. Term | Definition | Laboratory IT | Berkeley Lab-managed IT, including computing devices, networks, services, and accounts |
None Information Technology Policy Manager Information Technology Division [email protected] J. Revision HistoryDate | Revision | By whom | Revision Description | Section(s) affected | Change Type | 8/9/2024 | 1.3 | A. Sultan | Periodic review: update to include existing policy | D.2.2 | Editorial | 6/15/2021 | 1.2 | A. Sultan | Periodic review. No changes | All | Editorial | 8/6/2014 | 1.2 | S.Lau | Review complete, 1 editorial change, update Next Review date | SRD | minor | 6/19/2013 | 1.1 | J.Bonaguro | Review complete, 1 editorial change, update Next Review date | D.2.d,e | minor | 1/2/2012 | 1 | J. Bonaguro | Rewrite for wiki | All | Minor |
|
Card |
---|
label | Document Information |
---|
| Title: | Acceptable Use of Information Technology | Document number | 10.01.001.000 | Revision number | 1.3 | Publication date: | 8/9/2024 | Effective date: | 3/20/2007 | Next review date: | 8/8/2027 | Policy Area: | Information Technology | RPM Section (home) | Information Management | RPM Section (cross-reference) | 9.01 | Functional Division | Information Technology | Prior reference information (optional) | RPM, Chapter 9, Section 9.01 |
- DOE Order 200.1A, Information Technology Management, CRD Section 2.b
- DOE Order 205.1C, Department of Energy Cybersecurity Program, CRD
- DOE Office of Science Program Cyber Security Plan, June 2010
- Berkeley Lab Senior Management requirement
Anchor |
---|
| SP-800-53-Rev._3 |
---|
| SP-800-53-Rev._3 |
---|
|
|
Show If |
---|
| Card |
---|
label | Additional Information |
---|
| Title: | Acceptable Use of Information Technology | Document number | 10.01.001.000 | Revision number | 1.3 | Publication date: | 8/9/2024 | Effective date: | 3/20/2007 | Next review date: | 8/8/2027 | Policy Area: | Information Technology | RPM Section (home) | Information Management | RPM Section (cross-reference) | 9.01 | Functional Division | Information Technology | Author name/contact info | S. Lau |
|
| Revision 0 publication date | 3/20/2007 | Retirement date | n/a | Prior reference information (optional) | RPM, Chapter 9, Section 9.01 |
|
| Inputs from more than one Functional Area? | No | List additional Functional Areas & contacts |
|
|
| Inputs from more than one Policy Area? | No | List additional Policy Areas & contacts |
|
|
| 30-day notification needed? | No | 30-day start date | n/a | 30-day end date | n/a |
|
| LDAP protected? | No |
|
| Need TABL reminders? | No | Frequency | n/a | Brief reminder text: | n/a |
|
| Approval Sheet for this revision received (date) [Note: author is responsible} |
|
- Information Technology, Information Management
- Policy Area: Information Technology
- Laboratory IT: Laboratory Information Technology includes Berkeley Lab-managed computing devices, networks, services, and accounts
(optional – these will be used for tracing between requirements and associated documents) Side bars: Side bar 1 location (cite by Policy Section # - for example: Section D.2.a) Sidebar 1 text:
Sidebar 2 location Sidebar 2 text:
Sidebar 3 location Sidebar 3 text:
|
|
|