Document Feedback - Review and Comment
Step 1 of 4: Comment on Document
How to make a comment?
1. Use this to open a comment box for your chosen Section, Part, Heading or clause.
2. Type your feedback into the comments box and then click "save comment" button located in the lower-right of the comment box.
3. Do not open more than one comment box at the same time.
4. When you have finished making comments proceed to the next stage by clicking on the "Continue to Step 2" button at the very bottom of this page.
Important Information
During the comment process you are connected to a database. Like internet banking, the session that connects you to the database may time-out due to inactivity. If you do not have JavaScript running you will recieve a message to advise you of the length of time before the time-out. If you have JavaScript enabled, the time-out is lengthy and should not cause difficulty, however you should note the following tips to avoid losing your comments or corrupting your entries:
-
DO NOT jump between web pages/applications while logging comments.
-
DO NOT log comments for more than one document at a time. Complete and submit all comments for one document before commenting on another.
-
DO NOT leave your submission half way through. If you need to take a break, submit your current set of comments. The system will email you a copy of your comments so you can identify where you were up to and add to them later.
-
DO NOT exit from the interface until you have completed all three stages of the submission process.
(1) The objective of this Standard is to: (2) This standard applies to all students, staff, contractors, visitors and any other parties who have access to the IT assets of RMIT University and its controlled entities (‘RMIT’). (3) Authority for this document is established by the Information Technology and Security Policy. (4) Access and use of IT assets must be for legitimate RMIT purposes, specific to the user’s role, and in accordance with RMIT policies, procedures and standards. (5) Access and use of IT assets for reasonable non-commercial personal purpose is acceptable, provided such use: (6) Access and use of RMIT IT assets for any commercial purpose other than legitimate RMIT purposes is not allowed. (7) Any use of RMIT IT assets is not acceptable when it is used for any act which: (8) Speak to your manager, College or Portfolio management, People team, or the Information Technology Services (ITS) Service and Support Centre if you are uncertain whether other activities are acceptable or not, or you are uncertain about whether a standard applies to a given situation. (9) To protect RMIT Information everywhere, users must: (10) Users must only access, use and share RMIT information on a need-to-know basis. They must: (11) Users must dispose RMIT IT assets in a secured manner and in accordance with the Retention and Disposal Standard. This includes: (12) Information security is a shared responsibility. All users must play their role in keeping RMIT safe by: (13) RMIT conducts surveillance across all systems and devices to determine any security weakness or policy non-compliance. (14) Use of RMIT IT assets is a privilege, not a right. RMIT has full rights to withdraw access to RMIT IT assets at any time without prior notification. (15) RMIT may block any email or communication, inbound or outbound, that threatens the security of RMIT IT assets. (16) Exemptions from the Information Technology and Security Policy and related standards must be sought using the ITS Policy exemption process determined by the Chief Information Security Officer. (17) Non-compliance with this standard may result in a disciplinary action, or legal action in cases of illegal activity. Management will decide what action to take, if any, based on the severity of the incident. (18) Creating, using, saving, accessing or distributing material is prohibited if it might reasonably be considered offensive, obscene or indecent by an ordinary member of the public, or is illegal (e.g. pornographic, racist or sexist material, or violent content), except where such items are legitimately held within the RMIT curated collections such as Art, Archival or Library Collections. Accessing or distributing material for legitimate research or educational purposes must have been granted an exemption through the ITS Policy Exemption Form. (19) Plagiarising, copying or distributing information in contravention of copyright or similar legal obligations without the owners’ express permission (e.g., copyright images, text messages, videos, memes or sounds from websites owned by a third party). (20) Using IT systems to harass, bully or defame (e.g. spreading of malicious information via email). (21) Unauthorised attempts to interfere with the operation of or make RMIT IT systems or services unavailable (e.g. flooding a booking system with fake bookings). (22) Sharing or disclosure of personal user identities, identifiers and passwords, or security codes. (23) Writing down passwords or leaving them in a place where an unauthorised person might see them. (24) Unauthorised hacking or probing for security vulnerabilities in networks, systems or applications etc. without the written consent by the Chief Information Security Officer (CISO) (e.g. students or staff probing Canvas for vulnerabilities to exploit). (25) Creating, introducing, or distributing computer viruses or other malicious software onto any RMIT network device or system. (26) Disclosing, removing, or disposing of IT assets without authority from ITS, College or portfolio executive management. Such authority must comply with all RMIT policies, including the Information Governance Policy (e.g. taking a monitor home or using a staff contact database without permission, destruction of RMIT records within the mandated legal period). (27) Monitoring, intercepting, or accessing network traffic, emails, files, etc. intended for another person. (28) Deliberate unauthorised access to systems or data and/or unauthorised use of data or information obtained (e.g. using someone’s unlocked computer to act on their behalf). (29) Storing non-public information on non-RMIT endorsed site or location such as a USB drive, cloud storage or forwarding RMIT email to your personal email account (e.g., saving a student class listing on a personal storage service such as personal Dropbox or Box etc.). (30) Transmitting unsolicited commercial advertising material or any other form of unsolicited commercial electronic message, including material commonly known as spam, or junk email (e.g., perpetuating chain letters, virus warnings or hoax messages). (31) Responding to spam or phishing messages by supplying non-public RMIT or personal information. (32) Using non-RMIT supplied VPN services or anonymisation technologies like VPN and TOR to access RMIT network, applications or services is not permitted (e.g. MobileVPN, ExpressVPN, etc.) (33) Using applications on RMIT computers that allow for remote control of those computers from other locations. (e.g. TeamViewer, AnyDesk, etc.) (34) Auto forwarding of RMIT email to non-RMIT managed devices or personal email accounts. (35) Downloading, installing or running software, applications or software as a service (SaaS) that are not endorsed by ITS (e.g. Bitcoin miner, SpeedUpMyPC, etc.). (36) Copying or distributing to unauthorised users software developed by, procured by or licensed to RMIT including computer software and cloud services.Information Technology - Acceptable Use Standard
Section 1 - Purpose
Top of PageSection 2 - Scope
Section 3 - Authority
Section 4 - Standard
Principles
A list of examples of unacceptable IT usage is given in Appendix A: Examples of Unacceptable Use - RMIT IT Assets. User Behaviour
Monitoring
Information Security Standard Exemptions
Compliance
Appendix A - Unacceptable IT Use Examples