Information Technology Policy Catalog 2019-2020

(5) Follow the guidelines of their respective division manager as well as pertinent security policies, City of Greensboro policies, applicable laws, and licensing agreements where applicable.

(6) Take precautions against damage or theft of all equipment and system information.

(7) Resolve and research problems as required to sustain and enhance daily operation procedures.

(8) Safeguard storage of authentication data such as access codes, PIN numbers, password files, encryption keys etc. through shadowing, access codes, and encryption.

(9) Evaluate the effectiveness of the current safeguards for controlling security risks.

(10) Identify external and internal risks to the security, confidentiality, and integrity of the City of Greensboro’s information.

(11) Ensure an end-user gives permission before a remote connection is established via SMS, verbally, email, or some other viable means.

CODE OF CONDUCT

As employees of the Information Technology Department we are expected to conduct ourselves professionally at all times and uphold the City of Greensboro’s ethical obligations and ideals. We will be committed to maintain the integrity and confidentiality of all computer systems and the information provided on our networks at all times. While we must always be guided with our own professional judgement, this policy and code exists to guide us when difficulties arise in the performance of our duties and mission. To this end we promote ongoing user education and we are encouraged to take measures that will avoid reoccurrence of any issue encountered within the department. We expect everyone to adhere to the spirit of this code to the best of their ability by exercising integrity, protecting against infringement of private information, communicating issues that arise through the appropriate channels, invoking a high work ethic, and demonstrating overall professionalism throughout our daily operations.

INCIDENTS AND INAPPROPRIATE USE

Should we encounter cases of suspected inappropriate use of our systems or networks we will report the suspected conduct or incident to the appropriate Division Manager. The Division Manager will make the proper notifications to the CIO and Deputy CIOs as required. All divisions where practical and where needed are expected to maintain a log for any incident that may arise during daily operations. This log will include but is not limited to:

(A) Date and time of the user request (B) Problem description of the user request (C) Name, phone number, and location of the user (D) The request type (E) The technician’s name (F) Any comments or actions taken about the user request (G) Any solutions about the user request.

72 | P a g e

Made with FlippingBook - Online Brochure Maker