Protocols for handling reports of alleged misuse of IT facilities
"Misuse" is defined as any use outside that permitted under University Council Corporate Policy C-22.0 Acceptable Use of University Information Technology Facilities. This policy may be read on the University Web site at
Information Strategy & Technology Services Unit (ISTS), in dealing with misuse, is concerned principally with managing the information technology resource of the University for its most effective use for authorised work, and in being good "network citizens" by following up complaints about University of South Australia users from outside organisations.
In general, reports from staff or students of the University should be directed to the IT Help Desk (Internal telephone 2 5000, external 8302 5000). Staff members receiving complaints from outside the University should pass them on to the Help Desk and inform the complainant that the report has been passed on.
Occasionally, where issues of possible serious misconduct arise, a senior staff member (Senior Management Group, Divisional, School or Unit Head) may prefer to report directly to the Director: Information Strategy & Technology Services.
ISTS receives frequent complaints about students misusing IT facilities in general purpose computing pools.
- If misuse is observed, immediately telephone Security and ask for urgent attendance of a Security Officer. Dealing with an offender "caught in the act" is preferable to lengthy investigations "after the event". The IT Help Desk needs to be notified as soon as possible.
- In reporting to the IT Help Desk, if possible provide;
- offenders identity (or description),
- number of the PC used and where it is located, and
- exact time an offence was observed. (To permit tracing the activity in computer logs).
Unless the activity can be traced back to a particular user, little remedial action is possible.
- IT Help Desk will notify the Coordinator, IT Accounts and Security of the Security breach
Policy C-22.0 details procedures for handling reports of misuse. The ISTS maintains a record of reports, with particular note of those traced back to particular user Accounts.
Action following identification of a user may vary from a formal warning to a disciplinary hearing which may lead to closure of a computer Account or other disciplinary action. The University may also refer a complaint to an external authority such as the police, where this is considered appropriate.