Information Technology Policy

Introduction

1.1 The computer network is an essential part of this organisation. Damage, down time or loss of information can have serious effects on our ability to operate. At the same time communications we send and distribute has potential to effect and reflect on the company’s reputation and employees. For this reason, it is critical that all staff are informed of our policy regarding company computer equipment and communication.

 

Scope

2.1 This policy applies to all employees, contractors, vendors, and any other individuals who have access to Pacific Hygiene's IT resources. IT resources include but are not limited to computer systems, tablets, networks, software, data, and electronic communication tools.

 

Procedure

3.1 Access Control:

3.1.1 Access to Pacific Hygiene's IT resources will be granted based on job responsibilities and the principle of least privilege.

3.1.2 User accounts must be secured with strong passwords and undergo regular reviews.

3.1.3 Two Factor Authentication will be deployed where applicable.

3.2 Data Security:

3.2.1 Sensitive data, defined as any information that, if disclosed or altered, could have a negative impact on the organization, must be classified.

3.2.2 Regular data backups must be performed, and disaster recovery plans maintained.

3.2.3 Refer to Data Protection Policy for more information.

3.3 Software Usage:

3.3.1 Only licensed and authorized software may be installed on Pacific Hygiene’s systems.

3.3.2 Employees must adhere to software installation and update procedures.

3.4 Network Security:

3.4.1 Firewalls and intrusion detection/prevention systems must be in place to protect the organization's network.

3.4.2 Wireless networks should be secured using strong encryption and access controls.

3.5 Incident Response:

3.5.1 All IT-related incidents, including security breaches, must be reported promptly.

3.5.2 An incident response plan will be implemented to address and mitigate the impact of security incidents.

 

Definitions

4.1 IT Resources: Refers to all hardware, software, networks, data, and electronic communication tools owned or managed by Pacific Hygiene.

4.2 Sensitive Data: Any information that, if disclosed or altered, could have a negative impact on the organization

 

Compliance

5.1 Pacific Hygiene may at any times keep logs of internet and email usage and monitor these logs. This may reveal information such as which Internet servers (including World Wide Web sites) have been accessed by employees and the communications contained within emails.

5.2 Pacific Hygiene will not, however, disclose any of the logged, or otherwise collected information to a third party except under compulsion of law.

5.3 Pacific Hygiene will review any alleged breach of this policy on an individual basis. If the alleged breach is considered by Pacific Hygiene to be of a very serious nature, the breach may be treated as grounds for instant dismissal.

 

Governance and Maintenance

6.1 Policy Location

6.1.1 This policy is published and accessible to all on our website.

 

6.2 Review Timetable

6.2.1 This policy will be reviewed yearly to ensure its effectiveness and alignment with best practices and legal requirements. We will actively seek feedback from employees and stakeholders to continually enhance our environmental initiatives.

 

Conclusion

7.1 Pacific Hygiene is committed to maintaining a secure and efficient IT environment. This policy provides the framework for responsible and ethical use of IT resources, ensuring the confidentiality, integrity, and availability of information. All employees, contractors, vendors, and other individuals with access to Pacific Hygiene’s IT resources are expected to familiarize themselves with and adhere to this policy to safeguard the organization's IT assets and data.