||Activities are the major tasks performed by the University to accomplish each of its functions. Several activities may be associated with each function. Activities are often described as actions or verbs, such as Reporting.
||University-owned and ITM-configured devices
||Archival records are those records that have been appraised as having long-term, enduring or permanent value such as Council Minutes, University Research Reports (of major national or international significance) and Examination Results.
||Any user who has been authorized by the relevant supervisor/officer to access a system or IT facility, and includes (but is not limited to) staff of the University of Canberra or any company in which the University of Canberra has an interest or any company or organization with which the University of Canberra is pursuing a joint venture, students, consultants, visitors, Honorary appointees.
||Availability refers to the ongoing operations and delivery of intended services by a system (e.g. finance or payroll) and its components.
|Business Information Systems (BIS)
- Organised collection of hardware, software, supplies, policies, procedures and people, which stores, processes and provides access to the University’s business information.
- Automated systems that create or manage data about the University’s activities. Includes applications whose primary purpose is to facilitate transactions between an organisational unit and its customers – for example, the student management system, finance or human resources systems, an e-commerce system, and purpose-built or customised databases.
||Confidentiality refers to the need to ensure that information is accessible only to those authorized to have access.
||Data which forms a part of the University’s records for internal, external or public use pertaining to the University’s business including operational, administrative, teaching and/or research activities.
Targeted data from within key systems such as recorded lectures from Echo360
- All Home Drive Data (H:\) – Staff and Students
- All Group Shares (\\ucstaff\dfs\...)
||The custodian is the individual responsible for the content of any data file or system. Note that it is not usually the creator of a document or a system operator.
||The content and configuration of all databases including:
- Finance One
- Research Master
- Mail Filtering
|Default to deny
||Means the setting of the norm to denying access so that specific instruction must be provided to all access.
||The person with the authority to formally assume responsibility for the action or decision in question
||All email and calendar items in all subfolders of staff email accounts.
||Back up of all targeted files
||Functions are “the largest unit of business activity”. They represent the major responsibilities that are managed by the University of Canberra to fulfil its goals. Functions are high-level aggregates of the University’s activities. Functions are often described as things or with nouns, such as Teaching and Learning, Research and Student Management.
||An incremental backup is a type of backup that only copies files that have changed since the last backup.
For example; if you had 10 files on your desktop which you backed up to a USB drive, making a copy of all 10 files is termed as a FULL backup. If you have made changes to 2 of those files since your last FULL then copying only the two files that have changed to your USB drive is termed an INCREMENTAL backup.
The strength of incremental backups include; significant time savings and effective use of storage. The downside is that an incremental is dependent on the last successful full backup.
||Integrity refers to the veracity of data. Loss of data integrity may be gross and evident, as when a computer disc fails, or subtle, as when a character in a file is altered.
|IT services and systems
||All information technology hardware, software, networks, processes and procedures utilized by the University of Canberra. ‘IT services and systems’ includes all stored data and information regardless of their storage or presentation media. ‘IT services and systems’ includes all environmental and support facilities.
||Information and Technology Management
||Includes all software owned or licensed by the University.
||The University’s information, ITM applications, and ITM infrastructure
||Include all computers, terminals, telephones, end host devices, licences, centrally managed data, computing laboratories, video conference rooms, and software owned or leased by the University.
|ITM Authorised Staff
||University of Canberra staff authorised by the Director of ITM to monitor accounts, files, stored data and/or network data, and to disconnect IT equipment in the event of an Information Security breach.
||Means that each user be granted the most restrictive set of privileges needed for the performance of authorised tasks.
|Member of the University
||University staff, students and other individuals who have a role within the University that entitles them to a University Network Account and/or to the use of University ITM resources.
||Refers to tasks (including testing and scanning) undertaken by ITM Authorised staff to ensure maintenance of security of IT services and systems within the University of Canberra’s domain
||Include any networks connected to the University’s backbone, any devices attached to these networks and any services made available over these networks. These include network servers, peripheral equipment, workstations and personal computers.
|Normal Administrative Practice (NAP)
||A process established to allow for the destruction of ephemeral, duplicate or transitory material of no evidentiary or continuing value. Examples include: Working papers consisting of rough notes, calculations, diagrams, used for the creation of records; Duplicates and copies of documents where the original is safely retained within the University’s recordkeeping system and Personal material such as invitations, tickets, and brochures.
||Offsite storage is prescribed in consideration of geographical factors, with adequate separation being determined by distance, propensity of fire, flood, structure and materials. Storage at or above ground level, in fireproof containment, within buildings with only concrete and steel structure, in areas of low vegetation will deliver far lower risk than only considering distance. Therefore, this offsite storage policy statement will be superior to industry standards based on separation alone. Given this, the majority of buildings on the UC campus will fulfill this requirement and therefore can be used as Offsite Storage sites if required.
||A contractual arrangement whereby services to or on behalf of the University that would otherwise be carried out internally are provided by an external organisation. Examples are financial, personnel, fleet or facilities management functions.
|Physical and Virtual Server Data
||Files and configuration required for the normal operation of each server.
||Privacy refers to the restriction of access and appropriate use of personal information as defined by law.
|Privately Owned Device
||A privately owned device is a device that is not fully owned, leased or controlled by the University. It could be owned by an individual staff member or student of the University or by a third party. Devices which are funded by research or consultancy funding are regarded as University owned.
||Information that, from time to time, is available for general access without the requirement for authentication.
||A record, in written, electronic or any other form, under the control of the University of Canberra or that it is entitled to control, kept as a record of its activities, whether it was created or received by the University. Briefly records "reflect what was communicated or decided or what action was taken". (AS/ISO 15489 Records Management 2002, Part 1: General, 7.2.1).
||Information systems that capture maintain and provide access to records over time. While the term is often associated with computer software, Recordkeeping Systems also encompass policies, procedures, practices and resources which are applied within the University to ensure that full and accurate records of business activity are made and kept.
|Responsible IT Security Officer
||University of Canberra staff delegated to be responsible for IT security matters.
||Security is defined as "the state of being free from unacceptable risk".
||The staff authorized as the person responsible for the system and/or its information content.
||Threats are the potential causes of loss or damage. These threats may be human or non-human, natural, accidental, or deliberate.
||Any user who is not an Authorized User and who is accessing information other than Public Information.
|University Network Account
||The computer account provided by the University to all current staff, University visitors and students, which has a user ID based on the staff or student ID number, and which is used for user authentication for most IT systems via a corporate directory system.
||The term University Visitor covers all non-staff who have an authorized role within the University or on the University campus. It includes contractors, adjunct staff, consultants, external committee members and workshop or conference attendees.
||A defined user code with an associated set of privileges for access to information and update functionality. Access to the account is controlled by security measures which commonly include a password. The password is the confidential part of the logon process and must be protected by the account holder