A-ISS-001-001 Information Technology General Use and Practices Procedure
A-ISS-001-003 Equipment and System Access Requests Procedure
A-ISS-001-004 User Security Settings and System Configurations Procedure
The Information Systems department (I.S.) supplies programs and systems, maintenance and support of information technology resources (IT) to aid the Town of Oakville (town) in delivering programs and services to facilitate the business of the town in an ethical and lawful manner.
The purpose of this policy is to provide a context for procedures that outline standards and best practices to:
This policy applies to any person that is provided access to town owned information technology resources including; town employees, elected officials, employees, contractors, consultants, volunteers, students and interns (Users).
Use of the town’s information technology resources that contravenes policies and/or procedures may result in disciplinary action up to and including dismissal from employment, seeking restitution, commencement of civil action, criminal prosecution or a combination thereof.
PO 4.3 – IT Steering Committee
PO 6 – Communicate Management Aims and Directions
PO 6.3 – IT Policies Management
PO 6.4 – Policy, Standards and Procedures Rollout
PO 6.5 – Communication of IT Objectives and Direction
Information technology resources include (but not limited to):
COBIT: Control Objectives for Information and related Technology is a recognized and accepted practice to document and identify control objectives, activities functions, stakeholders, dependencies, and the processes that are the efforts of enterprise ‘IT’ functions as it relates to itself and other areas of the business. The framework can ensure that an Information Technology department is operating responsibly, effectively and is auditable in its operation.
PCI or PCI-DSS: Payment Card Industry Data Security Standard is a set of requirements for any business that stores, processes or transmits payment cardholder information. The framework is intended to secure the payment environment and cardholder information in a set of common-sense steps that mirror best security practices.
Policy Number: A-ISS-001
Sub-Section: Information Systems
Author: Information Systems Department
Effective Date: 2006 Jul 04
Review by Date: 2017
Last Modified: 2012 Apr 16
Municipal Freedom of Information and Protection of Privacy Act
The Ontario Human Rights Code
HR-MNG-008 Respectful Conduct Policy
HR-MNG-006 Employee Code of Conduct
G-GEN-006 Code of Conduct for Members of Council and Local Board Members
The Copyright Act
The Criminal Code of Canada
PCI DSS Framework