DCU Information Systems Services header
Information Systems Services

ICT Policies & Guides - Breaches Of The Code Of Conduct

Breaches Of The Code Of Conduct

ISS Logo

 

 

Breaches Of The Code Of Conduct

Breaches Of The Code Of Conduct For The Use Of Computing Resources In DCU

Processes to be Applied Within DCU

1. Purpose:

The purpose of this document is to define the processes to be followed within DCU when a breach, or an alleged breach, of the Code of Conduct has been reported.

2. The Code of Conduct:

The Code of Conduct for the use of Computing Resources in Dublin City University can be viewed & downloaded from: here

The Code of Conduct stipulates that breaches should be reported as follows:

  1. Students should report breaches of this Code of Conduct to one of the following: their Lecturer, Head of School, Director of information systems & services or other senior person within the University and
  2. Staff have an obligation to report breaches to one of the following: their Head of School/Unit, Director of Human Resources, Director of Computer Services Department or to the University Secretary.

Third parties(i.e. neither students nor staff) wishing to report a breach or alleged breach should contact at least one of the following: Director of Human Resources, Director of Information Systems & Services, the University Secretary or other senior person within the University.

3. The Processes:

Processes are defined for a number of scenarios:

3.1 Where Child Pornography is the subject of the breach or suspected breach:

  • The recipients of the complaint should immediately inform the Director of information systems & services and also the Director of Human Resources(where the complaint relates to member(s) of Staff ) or the University Secretary(where the complaint relates to Student(s)).
    Where it is unclear whether it relates to Staff or to Students, any two of these should be informed. Similarly, where the individual(s) involved are neither staff nor students of DCU, then any two of those listed should be informed.
    Should any of these people be uncontactable or, if for some reason it would not be appropriate to contact them, then the Office of The President should be informed.
  • Immediate protection of the "evidence" is critically important. The Director of HR, University Secretary or Presidents Office immediately informs the Director of ISS(or appropriate staff within ISS).
  • ISS will immediately inform the Superintendent, Santry Garda Station(01-6664000) and the Detective Sergeant, Whitehall Garda Station(01-6664500).
  • The Gardai may direct what actions are to be taken at this point, if not, ISS will decide on the appropriate short-term actions. The information systems & services Department(ISS) will then arrange for the appropriate systems and relevant information such as logs and records of activities to be "ring fenced", secured and protected for subsequent examination by the Gardai. This activity is to be carried out by a team of at least two people from within ISS, preferably the Director of ISS or the Head of ISS Services Group together with another senior member of the department. This team will call on the services of technical staff as appropriate to assist them and will document the details of all actions taken.
  • Management of the process is the handed to the Gardai.
  • The outcomes of the Gardai processes will be communicated as appropriate to one of: the Director of Human Resources, Director of information systems & services, University Secretary or other appropriate authority within the University.
  • Any disciplinary action that is required will be actioned through the existing University disciplinary procedures.
  • ISS will take appropriate action(as agreed with Gardai if necessary) with external bodies that appear to have been involved in the incident(e.g. targets or sources of spam, viruses, hacking, offensive material etc.) .

 

3.2 Where Child Pornography is not the subject of the breach or suspected breach:

  • The recipients of the complaint should immediately inform the Director of information systems & services and also the Director of Human Resources(where the complaint relates to member(s) of Staff ) or the University Secretary(where the complaint relates to Student(s)).
    Where it is unclear whether it relates to Staff or to Students, any two of these should be informed. Similarly, where the individual(s) involved are neither staff nor students of DCU, then any two of those listed should be informed.
    Should any of these people be uncontactable or, if for some reason it would not be appropriate to contact them, then the Office of The President should be informed.
  • The Director of HR, University Secretary or Presidents Office will then inform the Director of ISS(or appropriate staff within ISS) of the complaint and ask that appropriate logs and records etc are secured.
  • The Information Systems & Services(ISS) will then arrange for the appropriate systems and relevant information such as logs and records of activities to be "ring fenced", secured and protected for subsequent examination. This activity is to be carried out by a team of at least two people from within ISS, preferably the Director of ISS or Head of ISS Services Group together with another senior member of the department. This team will call on the services of technical staff as appropriate to assist them and will document the details of all actions taken.
  • ISS, by reference to the Code of Conduct for the Use of Computer Resources in DCU, will examine the validity and circumstances of the breach. University disciplinary procedures may then be initiated either by ISS under direction from the Secretary's Office, by the Secretary's Office itself, by the Director of Human Resources or by other appropriate authorities.
  • ISS will take appropriate action with external bodies that appear to have been involved in the incident(e.g. targets or sources of spam, viruses, hacking, offensive material etc.) .