1. WOSM Staff Support Centre
  2. Workplace and Travel
  3. Digital and Information Technology

WSB Policy: Acceptable Technology Use

Updated
Have more questions? Submit a request

Purpose

The World Scout Bureau (WSB) is committed to the correct and proper use of its Information Technology (IT) resources in support of its administrative and service functions.

The inappropriate use of IT resources could expose the WSB to risks including virus and malicious software attacks, theft and unauthorised disclosure of information, disruption of network systems and services or litigation.

The purpose of this policy is to provide WSB staff and other users of its IT resources with clear guidance on the appropriate, safe and legal way in which they can make use of the organisation’s IT resources.

Adherence to this policy is mandatory and by using or accessing any IT resources which are owned or leased by the WSB, users are agreeing to abide by the terms of this policy.

 

Scope

This policy represents the WSB’s official position and takes precedence over all other relevant policies which are developed at a local level.

The policy applies to:

  • All Information Technology (IT) resources provided by the WSB.
  • All users (including Staff, Interns, Contractor’s, Consultants & Volunteers) issued with a WSB IT resource or using the WSB IT resources.
  • All use (both personal & WSB business related) of the WSB’s IT resources.
  • All connections to (locally or remotely) the WSB Internal network (WIFI, LAN).
  • All connections made to external networks through the WSB network.

 

Definitions

A list of terms used throughout this policy are defined in Appendix A.

 

Policy

Principles of Acceptable Use

The acceptable use of the WSB’s Information Technology (IT) resources is based on the following guiding principles:

    • All the WSB’s IT resources and any information stored on the device remain the property of the WSB.
    • Users must ensure that they use IT resources at all times in a manner which is lawful, ethical and efficient.
    • Users must respect the rights and property of others, including privacy, confidentiality and intellectual property.
    • Users must respect the integrity and security of the IT resources.

 

Monitoring

The WSB reserves the right to routinely monitor, log and record any and all use of its IT resources for the purpose of:

    • Helping to trace and resolve technical faults.
    • Protecting and maintaining network and system security.
    • Maintaining system performance and availability.
    • Ensure the privacy and integrity of information stored on the WSB network.
    • Investigating actual and suspected security incidents.
    • Preventing, detecting and minimising inappropriate use.
    • Protecting the rights and property of the WSB, its staff, interns, consultants, contractors and volunteers and client.
    • Ensuring compliance with WSB policies, current legislation and applicable regulations.

While the WSB does not routinely monitor an individual user’s use of its IT resources, it reserves the right to do so when a breach of its policies or illegal activity is suspected. 

    • The monitoring of an individual user will only be undertaken at the request of the individual’s line manager, SMT Member or the respective HR manager.
    • The monitoring may include, but will not be limited to individual login sessions, details of information systems and records accessed, contents of hard disks, internet sites visited, time spent on the internet, telephone usage and the content of electronic communications.
    • WSB will at all times seek to act in a fair manner and respect the individual user’s right for the privacy of their personal information under the locally applicable Data Protection & Privacy legislation.
    • Information collected through monitoring will not be used for purposes other than those for which the monitoring was introduced, unless it is clearly in the user’s interest to do so or it reveals activity that the WSB could not be reasonably expected to ignore, for example a user found to be viewing, downloading or forwarding inappropriate content, in which case the findings must be reported to the Senior Management Team.
    • Individual monitoring reports will only be accessible to the appropriate authorised WSB personnel and will be deleted when they are no longer required.
    • In the process of dealing with computer support calls WSB IT staff or coordinators may need to access a user’s computer to resolve the support call. In such circumstances, IT personnel must respect the privacy of the individual user and not access information, documents or emails of a personal nature without the user’s permission or unless they need to in order to resolve the support call. In some cases, the IT personnel may use remote control software to connect and take control of a user’s computer remotely. In such circumstances the IT personnel will not use this software to connect to the user’s computer without first attempting to contact the user of the computer first.

Personal Use

The WSB IT resources are to be used primarily for WSB business-related purposes.However, in general the WSB allows its IT resources to be used for personal use by the user provided the use:

    • Is not excessive.
    • Does not take priority over their WSB work responsibilities.
    • It does not interfere with the performance and work of the user, other staff or the WSB.
    • Does not incur unwarranted expense or liability for the WSB.
    • Does not have a negative impact on the WSB in any way.
    • Does not involve commercial activities, such as running any sort of private business, advertising or performing work for personal gain or profit.
    • Is lawful and complies with this policy and all other relevant WSB policies.

The WSB has the final decision on deciding what constitutes excessive personal use. The WSB does not accept liability for any fraud or theft that results from a user’s personal use of the WSB’s IT resources.

 

Unacceptable Use

The WSB’s IT resources must not be used:

  1. For excessive personal use.
  2. For commercial activities, such as running any sort of private business, advertising or performing work for personal gain or profit.
  3. For political activities, such as promoting a political party / movement, or a candidate for political office, or campaigning for or against government decisions.
  4. To knowingly misrepresent the WSB.
  5. To transmit confidential or restricted information outside the WSB unless such information transfer is for WSB business purposes and covered by a Non-Disclosure Agreements (NDA) signed by the external part.
  6. To store or transfer confidential or restricted information (encrypted or otherwise) onto a USB memory stick. All work should be on the approved cloud storage solutions and sharing of documents, files, folders should be controlled by the approved Cloud Storage Solution.
  7. To enter into contractual agreements inappropriately (i.e. without authorisation or where another form of agreement is required).
  8. To create, view, download, host or transmit material (other than users who are authorised by the WSB to access such material for research etc.) of an inappropriate nature or which may generally be considered inappropriate, offensive or obscene and could cause offence to others on the grounds of race, creed, gender, sexual orientation, disability, age or political beliefs. Material is defined as information (irrespective of format), images, video clips, audio recordings etc.
  9. To retrieve, create, host or transmit material which is designed to cause annoyance, inconvenience or needless anxiety to others.

  10. To retrieve, create, host or transmit material which is defamatory.

  11.  

    For any activity that would infringe intellectual property rights (e.g. unlicensed installation, distribution, copying, or publication of copyrighted material).
  12. For any activity that would compromise the privacy of others.
  13. For any activity that would intentionally cause disruption to the computer systems, telephone systems or networks belonging to the WSB or others.
  14. For any activity that would deliberately cause the corruption or destruction of data belonging to the WSB or others.
  15. For any activity that would intentionally waste the WSB’s resources (e.g. staff time and IT resources).
  16. For any activity that would intentionally compromise the security of the WSB’s resources, including the confidentiality and integrity of information and availability of IT resources (e.g. by deliberately or carelessly causing computer virus and malicious software infection).
  17. For the installation and use of software or hardware tools which could be used to probe or break the WSB’s IT security controls
  18. For the installation and use of software or hardware tools which could be used for the unauthorised monitoring of electronic communications within the WSB or elsewhere
  19. To gain access to information systems or information belonging to the WSB or others which you are not authorised to use.
  20. For creating or transmitting “junk” or “spam” emails. This includes but is not limited to unsolicited commercial emails, jokes, chain-letters or advertisements.
  21. For any activity that would constitute a criminal offence, give rise to a civil liability or otherwise violate any law.

The above list should not be seen as exhaustive, as other examples of unacceptable use of the WSB IT resources may exist. All employees are encouraged to report any infringement of the above to the IT team and or the Senior Management Team who will then take the needed action.

 

Roles & Responsibilities

Stakeholders

Responsibilities

Senior Management Team

Review, Approve and formally support this policy

Users
  • Complying with the terms of this policy and all other relevant WSB policies, procedures, regulations and applicable legislation
  • Reporting all misuse and breaches of this policy to their line manager.
  • Ensuring they return to their line manager, all WSB computer devices (e.g. laptop, smart devices, printer, removable storage devices etc.), information, important email messages and other important items (e.g. swipe cards, keys and I.D. badge etc.) before they leave the employment of the WSB or transfer to another WSB office or service area
  • Ensuring they remove or delete all non-WSB personal information and email messages (i.e. information which is of a personal nature and belongs to the user and not the WSB) from their WSB computer before they leave the employment of the WSB as it may not be possible to get a copy of this data from the WSB once the user has left the WSB

IT Department (Senior Manager, Digital & IT Services, IT Coordinators)
  • The provision of reliable computer systems which deploy appropriate technical safeguards against threats to their availability, operation, stability, and performance.
  • The provision of training, advice and guidance to computer systems users.

Line Managers, Supervisors, Department Heads
  • The implementation of this policy and all other relevant WSB policies within the business areas for which they are responsible.
  • Ensuring that all WSB staff, contractors, interns, consultants and volunteers who report to them are made aware of and have access to this policy and all other relevant WSB policies.
  • Ensuring that all WSB staff, contractors, interns, consultants and volunteers who report to them are provided with adequate training and are instructed to comply with this policy and all other relevant WSB policies.
  • Ensuring that all WSB staff, contractors, interns, consultants and volunteers report to them return all WSB computer devices assigned (e.g. laptop, smart devices, printer, mobile phone devices, removable storage devices etc), information, important email messages and other important items (e.g. swipe cards, keys and I.D. badge) before they leave the employment of the WSB or transfer to another WSB office.
  • Reporting all actual or suspected information security breaches immediately to the IT personnel and/or the Senior Management Team.
  • Consulting with the HR Manager in relation to the appropriate procedures to follow when a breach of this policy has occurred

 

Policy Distribution & Awareness

This policy and it's supporting policies, standards and guidelines will be published on the WSB Dropbox.

Soft copies of the policy and its supporting policies, standards and guidelines will be available on WSB Staff Support Center.

The IT Personnel and/or the Senior Manager, Digital & IT Services may make periodic policy announcements by email.

WSB line managers will ensure that all existing and new staff, contractors, consultants, interns, volunteers and third-party commercial service providers who report to them are made aware of and have access to the policy and its supporting policies, standards and guidelines.

Individuals requiring clarification on any aspect of the policy and its supporting policies, standards and guidelines and/or advice on general I.T. security matters may email their queries to the Senior Manager, Digital & IT Services or the local IT Personnel.

 

Exceptions to this Policy

Exceptions to the guiding principles in this policy must be documented and formally approved by the Global Director, Communications , with evidence of support from the appropriate Senior Management Team.

Policy exceptions must describe:

  • The nature of the exception.
  • A reasonable explanation for why the policy exception is required
  • Any risks created by the policy exception.
  • Evidence of approval.

 

Policy Enforcement

The WSB reserves the right to take such action as it deems appropriate against individuals who breach the conditions of this policy. WSB staff, contractors, consultants, interns and volunteers who breach this policy maybe subject to disciplinary action, including suspension and dismissal as provided for in the WSB disciplinary procedure.

Breaches of this policy by a third-party commercial service provider, may lead to the withdrawal of WSB information technology resources to that third party commercial service provider and/or the cancellation of any contract(s) between the WSB and the third-party commercial service provider.

The WSB reserves the right to refer any use of its IT resources for illegal activities to the relevant Authorities.

 

Review & Update

This policy will be reviewed and updated annually or more frequently if necessary, to ensure any changes to the WSB’s organisation structure and business practices are properly reflected in the policy.

Articles in this section

See more
Was this article helpful?
0 out of 0 found this helpful