INFORMATION TECHNOLOGY POLICY / Page No. 1 of 2 .
Policy Statement
The Information Technology Policy is intended to be applied in conjunction with other Information Technology policies as made available on the employee portal and applies to all users of the CDTA’s computer and network resources.
CDTA has developed information security policies to protect the availability, integrity, and confidentiality of CDTA Information Technology (IT) resources. These policies apply to all CDTA employees, and any other external entities that may have opportunity to access CDTA IT assets.
Procedures
· The following items constitute a brief summary (suitable for inclusion in the employee manual) of the comprehensive policy.
· Information Technology (IT) resources must be utilized respectfully and as authorized and designed.
· While utilizing CDTA-owned IT resources, no user or administrator is authorized to engage in any activity that violates CDTA policy or any illegal activity under local, state, federal or international law.
· Users and administrators may not engage in any activity that interrupts personal productivity or the service of any CDTA resources.
· Users and administrators must not share account passwords with any other person.
· Employees have a duty to help maintain the physical security of their desktop workstations, portable computing devices and removed media (such as CDs and thumb drives) by restricting and controlling physical access to these items when possible.
· Electronic communication and services provided by the Authority are Authority property, and their purpose is to facilitate Authority business. These systems, including the equipment and the data stored in the system, are and remain at all times the property of the Authority. As such, all electronic communication created, sent, received, or stored in these systems are and remain the property of the Authority. Accordingly, employees may have no expectation of privacy regarding any such communications.
· The Authority reserves the right to inspect, examine, and monitor the use of its computers, computer networks, E-mail, telephone systems (including voice mail), and all other electronic communication systems at any time and without notice in the ordinary course of business when the Authority deems it appropriate to do so.
· The use of E-mail and the Internet at the Authority is intended primarily for business purposes only. Occasional and incidental use of Information Technology tools for personal reasons is permitted as long as it does not interfere with regular work responsibilities.
· Only CDTA approved portable computing devices may be used to access CDTA information resources.
· Employees have a responsibility to report any actual or suspected information or network security incidents to the Information Technology Department.
· Acceptance of employment at CDTA is considered acceptance of the entire policy. The comprehensive policy includes, but is not limited to the following subject areas: acceptable use, access control, password policy, physical security, remote access, business continuity policy, communications, and confidentiality, use of email/Internet, software licensing, portable computing, incident reporting, and violations policy.
· Senior Staff and Directors are responsible for requesting access to CDTA hardware, software and mobile devices for CDTA staff. Formal authorization of request is approved or disapproved by the VP of Infrastructure and Planning.
· A copy of the comprehensive policy is accessible through the employee portal, from the Information Technology Department, or from the Human Resources Department. Please contact the Information Technology Department with questions.
Carm Basile
Chief Executive Officer
Updated 7/2014