An Acceptable Use Policy (AUP) is an organization-wide policy that defines what is allowed and what is not allowed regarding use of Information Technology (IT) assets by employees. The following policy is to be followed by all employees of Richman Investments, authorized individuals, vendors, and contractors who use any information technology (IT), electronic, or communication devices owned and/or provided by Richman Investments for the purpose of assisting them with their job-related duties.
Access to the Internet is a privilege and all employees must adhere to the policies regarding computer, email, and Internet usage. Violation of these policies will result in disciplinary and/or legal action that may include counseling, revocation of company devices, termination of the employee, and legal action. II. Roles and Responsibilities Every employee must acknowledge that they have received a copy of the AUP and confirm that they have a complete understanding and agree to abide by the rules set forth in the AUP.
Receipt and signing of the AUP will occur at Employee Orientation, and in the event of changes to the policy, a revised AUP must be signed. III. Policy Directives A. Acceptable Use Management Requirements A Standard Operating Procedure (SOP) will be established to support the development and maintenance of this AUP. Richman Investments’ management team is responsible for keeping the AUP up to current standards and ensuring that new and current employees are kept abreast of major changes and that signatures are obtained from each employee following these changes.
At a minimum, skills that should be included include annual User Training and Awareness. A formal review cycle will be established to review all Acceptable Use initiatives. B. Ownership Any electronic files created, sent, received, or stored under the custody of Richman Investments are the property of Richman Investments and use of these files by employees is neither personal nor private. Richman Investments management has the right to monitor and/or log all employee use with or without prior notice. C. Acceptable Use Requirements
All users must report any incidents of possible misuse or violation of this AUP. Users must not attempt to access any documents, data, email, or programs in which they are not authorized to do so. Users must report any weaknesses in computer security to the management and/or the appropriate security staff. Users must not share their account passwords, PINs, or Smartcards used for identification and authorization purposes. Users must not make any copies of copyrighted materials or Richman Investments-owned software.
Users must not engage in activity that Richman Investments may consider to be indecent, obscene, offensive, or that is illegal according to any law. Users must not download, install or run security programs or utilities such as scanners or password cracking programs that exploit weaknesses in the security of Richman Investments’ computers systems. Access to the Internet from company-owned, home-based computers must follow all rules and regulations outlined for in-house computer resources.
Any security issues will be reported to and followed up on by management for further investigation. D. Incidental Use Incidental use of email, Internet access, FAX machines, printers, and copiers is restricted to approved users only and does not include family members. These must not result in direct costs to Richman Investments or cause legal action to be taken. Incidental use must not interfere with the normal performance of any employee’s work duties. Storage of voice messages, email messages, files and documents must be limited. IV. Enforcement, Auditing, Reporting
Richman Investments management is responsible for the periodic auditing and reporting of compliance with this policy. Violation of this policy may results in disciplinary action that may include counseling and/or termination, depending upon the seriousness of the infraction. Any employee may anonymously report policy violations via Richman Investments’ Intranet or by telephone at 303-303-3030. IV. References A. Richman Investment POLICY: Information Security. 2013. P 1-6. B. Information Technology Acceptable Use Policies and Procedures. 2013. P 1-8. C. Internet Usage Policy. 2013. P 1-2.