Policy overview
This policy aims to ensure appropriate access control rules are in place across our ICT, including the network and associated information systems. This is to ensure:
- the confidentiality, integrity, and availability of systems and information
- the actions or operations that a legitimate user can perform are those authorised for their role
- the risks associated with unauthorised access are mitigated
Access control must be in place to protect our interests by providing a secure and readily accessible environment.
Scope
This policy applies to:
- our network
- resources
- associated information systems and applications
The policy applies to individuals requesting access to our ICT and the ongoing management of that access. This includes, but is not limited to:
- employees
- members
- contractors
- consultants
- volunteers
- third-party organisations