RPM | REQUIREMENTS AND POLICIES MANUAL

Viewable by the world

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 33 Next »

    Title:

    Acceptable Use of Information Technology

    Publication date:

    6/14/2021

    Effective date:

    3/20/2007

    BRIEF

    Policy Summary

    This policy defines acceptable use of Laboratory Information Technology (IT) at Berkeley Lab. Acceptable use includes both business (official) use and incidental personal use, subject to restrictions. This policy also describes unacceptable use and sanctions.

    Who Should Read This Policy

    • Employees and affiliates
    • Other users of Laboratory IT, including collaborators

    To Read the Full Policy, Go To:

    The POLICY tab on this wiki page

    Contact Information

    Information Technology Policy Manager
    Information Technology Division
    [email protected]

    Title:

    Acceptable Use of Information Technology

    Publication date:

    6/14/2021

    Effective date:

    3/20/2007

    POLICY

    A. Purpose

    This policy defines acceptable use of Laboratory IT at Lawrence Berkeley National laboratory (Berkeley Lab) to:

    • Further the mission of Berkeley Lab
    • Enforce compliance with applicable laws and regulations
    • Protect the Laboratory from legal action

    B. Persons Affected

    This policy applies to employees and affiliates and other users of Laboratory IT, including collaborators.

    C. Exceptions

    Not applicable

    D. Policy Statement

    1. Acceptable Use
      1. Business Use (Official Use)
        1. Acceptable use is the use of Laboratory IT to accomplish tasks related to any Berkeley Lab role or position.
      2. Incidental Personal Use
        1. The Laboratory permits the incidental personal use of Laboratory IT. Incidental personal use is a privilege and the Laboratory may revoke or limit it at any time.
        2. Requirements. Incidental personal use of Laboratory IT must not:
          1. Interfere with employment or other obligations to the Laboratory
          2. Directly or indirectly interfere with the operation of Laboratory resources
          3. Burden the Laboratory with noticeable incremental cost
          4. Create a lasting association between the use and the Laboratory
          5. Portray the Laboratory or its employees in an inappropriate or unbecoming manner
        3. Expectation of Privacy. Users have no expectation of privacy when they engage in incidental personal use of Laboratory IT.
        4. Reimbursement. If a system exists for reimbursements, users must reimburse the Laboratory for incidental personal use.
    2. Unacceptable Use: Users of Laboratory IT may not engage in unacceptable use. "Unacceptable use" includes, but is not limited to, use of Laboratory IT:
      1. In violation of applicable state, federal, Department of Energy, and University law or regulations, including copyright, licensing, or trademark laws
      2. In violation of Laboratory policy, including policies regarding information categories and controls
      3. For personal gain or lobbying
      4. To access, store, copy, create, or transmit sexually explicit materials
      5. To gamble
      6. For harassment, retaliation, or discrimination, or in an inflammatory manner
      7. In a manner that can reasonably be expected to offend members of the community, embarrass the Laboratory, or otherwise result in a loss of public trust
      8. For gaining or attempting to gain unauthorized access to computers, networks, or other information resources
      9. For unauthorized manipulation, creation, or removal of information
      10. In a manner likely to cause harm to systems or networks
      11. To circumvent security controls on Laboratory IT or external systems
    3. Sanctions: Violation of this policy may result in restriction of access to resources, disciplinary action up to and including dismissal, loss of site-access privileges, and/or referral to federal or state law-enforcement authorities for criminal or civil prosecution.

    E. Roles and Responsibilities

    Employees and affiliates and users of Laboratory IT are responsible for adhering to this policy.

    F. Definitions/Acronyms

    Term

    Definition

    Laboratory IT

    Berkeley Lab-managed IT, including computing devices, networks, services, and accounts

    G. Recordkeeping Requirements

    None

    H. Implementing Documents

    Document Number

    Title

    Type

    10.01.001.001

    Responding to Allegations of Copyright Infringement

    Procedure

    10.01.001.002

    Responding to Inappropriate Use

    Procedure

    I. Contact Information

    Information Technology Policy Manager
    Information Technology Division
    [email protected]

    J. Revision History

    Date

    Revision

    By whom

    Revision Description

    Section(s) affected

    Change Type

    6/14/2021 1.2 A. Sultan Periodic review. No changes All Editorial

    8/6/2014

    1.2

    S.Lau

    Review complete, 1 editorial change, update Next Review date

    SRD

    minor

    6/19/2013

    1.1

    J.Bonaguro

    Review complete, 1 editorial change, update Next Review date

    D.2.d,e

    minor

    1/2/2012

    1

    J. Bonaguro

    Rewrite for wiki

    All

    Minor

    DOCUMENT INFORMATION

    Title:

    Acceptable Use of Information Technology

    Document number

    10.01.001.000

    Revision number

    1.2

    Publication date:

    6/14/2021

    Effective date:

    3/20/2007

    Next review date:

    6/14/2024

    Policy Area:

    Information Technology

    RPM Section (home)

    Information Management

    RPM Section (cross-reference)

    9.01

    Functional Division

    Information Technology

    Prior reference information (optional)

    RPM, Chapter 9, Section 9.01

    Source Requirements Documents

    • DOE Order 200.1A, Information Technology Management, CRD Section 2.b
    • DOE Order 205.1C, Department of Energy Cybersecurity Program, CRD
    • DOE Office of Science Program Cyber Security Plan, June 2010
    • Berkeley Lab Senior Management requirement

    Implementing Documents

    Document Number

    Title

    Type

    10.01.001.001

    Responding to Allegations of Copyright Infringement

    Procedure

    10.01.001.002

    Responding to Inappropriate Use

    Procedure

    • No labels