Loading...
 
Page actions
Print

Monitoring of Computer Resources

Policy Reference

Category Monitoring and Reporting
Approval Date  01-29-2010
Scope All Personnel

Purpose

The use of computing resources represents inherent risks that can be detrimental to the computing environment, the security of confidential information and the ability to deliver city services.   Proactive and reactive monitoring and reporting will be utilized to address specific issues, identify trends and ensure compliance with related polices and procedures.    

Policy

  1. The City has the right to monitor the use of all computing resources to ensure that all applicable policies are being followed. (406.2)
  2. Users should have no expectation of privacy  with regard to any electronic file or e-mail communication unless the information is protected per applicable local, state or federal laws and regulations. (406.2)
  3. Employees are advised that the City maintains systems and software which automatically monitor and record all e-mail messages. (406.6.6)
  4. The City has software and systems in place that monitor and record Internet usage. Users are advised that these systems are capable of recording, for each user, every World Wide Web site visit, news group, e-mail message and file transfer into and out of the City network. The general (non-user specific) nature of the Internet utilization by the City will be monitored on a regular basis by ITS.   (406.7.7)
  5. In the event that inappropriate utilization is occurring, users will be identified  by the  applicable Department Directors and handle corrective measures with individual employees as necessary. (406.7.7)
  6. ITS is responsible for the operation of monitoring systems and no related settings may be modified or circumvented by staff.

Compliance

  1. The organization will maintain a standard and appropriate procedures to establish usage and proper behavior policies. UCF ID 01350
  2. The organization must ensure usage policies have been developed for critical employee-facing technologies. § 12.3.a, Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures, Version 1.2
  3. Adapted from Section 406 of Employee Telephone Use and Computing Policy adopted 10-29-07