- General Provisions:
- Based on the UIC- IISSP, information systems include without limitation to ICT resource requirements like hardware (network and telecommunications), software, ICT services and the like.
- UIC maintains this IISSP to guide the university in the implementation of its IT initiatives and projects to enhance its performance and achieve its goals. These following guidelines have been established to apply to all students, teaching and nonteaching staff and all other organic employees of the University.
- UIC’s information systems, including email and Internet access, are intended to be used for university purposes only. The use of the university’s information systems with the intention of distributing materials and/or software in violation of copyright is illegal and
not permitted. This policy also applies to the two other campuses of the university.
- Privacy Provisions
- The information systems of the university are expected to function properly and the users can expect the files and data he/she generates to be private information. However, all users should be aware that no information systems are completely secure, hence the university makes no guarantee regarding the availability of data and refuses any liability in the event of data loss. Although, it is expected that the university exercises practical measures to prevent loss of data and to attempt data restoration when applicable
- Access to user data
- All users shall only access the data provided to them by their specific user access levels. If by any means they were able to access data not intended for them, they shall report it to the MIS/ITRC office immediately.
- Only authorized personnel shall have access to sensitive data as approved by the Office of the President through the MIS/ITRC Director.
- Data/Log Retention Policy
- Data logs are usually retained for 90 days after their first creation. They are considered confidential and as such the MIS/ITRC takes active measures to prevent unauthorized access during the retention period. The use of any such retained information by the authorized staff and the release of any log information to third parties are done under the direction and with the approval of the Office of the President through the MIS/ITRC Director. Failure to comply with this provision will be subjected to disciplinary action, up to and including termination of employment.
- Information System Misuse
- All UIC’s information systems should not be used in a way which may constitute threatening, freighting intimidating or unpleasant material on the basis of religion, nationality, sex, disability, etc.
- The university takes practical steps to safeguard that its information systems are free of computer viruses, worms or other malicious programs. Tools for scanning and disinfecting disks are provided by the MIS/ITRC office for all university-owned computers. The University is not responsible for damage to personally owned computers or the loss of data due to viruses, worms or other malicious obtained through the University information system.
- Unauthorized use of software or other copyrighted material is strictly prohibited and illegal, it could result in legal action. Making copies of software having restricted use license is considered a violation of copyright and is prohibited. If the MIS department finds such software installed on the University information system, it will be removed promptly. Installation of university-licensed software on a personally owned computer is illegal unless permitted by the software license.
- Installation of non-university licensed software on university computers is permitted only with the prior consent of the MIS/ITRC office.
- Abuse or misuse of the information systems, including without limitation to e-mail and Internet, in any way, whether or not expressively set forth above, which would result in the detriment to the information systems, or which would in any way reveal or disclose nonpublic information, data, or materials of the University without express authorization, is strictly prohibited.
- Policy Violations
- Abuse of the University’s information systems, through extreme personal use, or use in violation of law or university policies, will result in disciplinary action, up to and including termination of employment and/or enrollment. All persons to whom these guidelines are applicable, as stated above, are responsible for adhering to these rules. All decision-making personnel shall be responsible for ensuring that these policies are adhered to within their respective areas of responsibility.