Professional Documents
Culture Documents
Acceptable Usage Policy Document KF
Acceptable Usage Policy Document KF
(KHALIFA FOUNDATION)
Internal Document
January 2019
Confidential
Item Details
Document Name ACCEPTABLE USAGE POLICY
Reference KHALIFA FOUNDATION -ISMS-DOC010- ACCEPTABLE USAGE POLICY
Confidentiality INTERNAL
Creation Date 9/1/2019
Update Date
Current Version 1.0
Document Owner KHALIFA FOUNDATION INFORMATION SECURITY TEAM
Document Audience KHALIFA FOUNDATION RISK MANAGEMENT COMMITTEE, ISMS TEAM
Document Review
ANNUAL
Period
Date of Adoption
Revision History
Revision Date Updated by Reviewed by Change Description
DRAFT 9/1/2019 IT Advisor – George El Hage
1.0 9/1/2019
Document Approval
Approved by
Department
Function
Name
Signature
Date
Page 2 of 6
Confidential
Table of Contents
Acceptable Usage Policy ....................................................................................... 4
1. Objective ........................................................................................................ 4
2. Policy Scope .................................................................................................. 4
3. Policy Statements .......................................................................................... 4
4. Responsibilities .............................................................................................. 5
5. Policy Enforcement ........................................................................................ 6
6. Non-Compliance and Disciplinary Action: ...................................................... 6
Page 3 of 6
Confidential
1. Objective
The primary objective of this policy is to establish the acceptable and unacceptable use of Khalifa
Foundation IT and non-IT assets including networks, systems and infrastructure and information. It
mandates the users’ responsibility to perform authorized and appropriate use of these assets.
2. Policy Scope
The scope of the policy applies to all servers, applications, network devices, database systems and
information being owned and managed by Khalifa Foundation and subsequently accessed, used by
KHALIFA FOUNDATION Employees, Contractors, Partners, Third party Vendors to perform / support
KHALIFA FOUNDATION business operations.
3. Policy Statements
Employees shall not attempt to access any data, documents, email correspondence, and
programs contained on KHALIFA FOUNDATION systems for which they do not have
authorization.
Employees shall be aware that any data they create on KHALIFA FOUNDATION systems
remains the property of KHALIFA FOUNDATION . The KHALIFA FOUNDATION management
reserves the right to access any information stored on any of its systems and network at any
point in time.
Systems administrators and authorized users shall not disclose any details related to systems
and networks including remote connection and access to KHALIFA FOUNDATION IT resources
to unauthorized personnel.
Employees shall not send, upload, remove information on portable media or otherwise transfer
information to a non KHALIFA FOUNDATION system that is classified as confidential, except
where explicitly authorization has been granted based on business requirements.
Employees shall use their IT related systems with diligence and due care and will be responsible
to ensure the safety for those systems allocated for their use at KHALIFA FOUNDATION .
Page 4 of 6
Confidential
Employees shall not involve in activities that may have a negative impact on the efficiency and
effectiveness of the KHALIFA FOUNDATION ’s IT resources. In addition, refrain from
performing activities that could lead to privilege escalation.
Adequate and appropriate steps shall be taken by the employees to ensure / prevent
unauthorized access to the KHALIFA FOUNDATION information.
Employees shall not download, install or execute security programs or utilities (such as
password crackers, packet sniffers or port scanners) that could expose or exploit weaknesses
in the security of a KHALIFA FOUNDATION computer resource unless and until it is approved
by the KHALIFA FOUNDATION Management.
KHALIFA FOUNDATION information resources shall not be used for personal benefit, political
activity, unsolicited advertising, unauthorized fund raising or for the solicitation of performance
of any activity that is prohibited by law.
Employees and external contractors are not allowed to connect their personal portable devices
within the KHALIFA FOUNDATION network. Exceptions may be granted based on business
needs and appropriate authorizations and approvals from the KHALIFA FOUNDATION IT
Management.
The KHALIFA FOUNDATION Management reserves the right to audit people, networks,
systems and infrastructure on a regular basis to determine the compliance with the Acceptable
Usage Policy.
All documents (hard copies) containing critical and sensitive information shall be protected
appropriately as per the classification requirements.
4. Responsibilities
No. Description Section
KHALIFA FOUNDATION Information
1 Review and update policy document
security officer
Page 5 of 6
Confidential
5. Policy Enforcement
The policy is applicable to all KHALIFA FOUNDATION staff, partners, suppliers, third party vendors,
contractors that support and / or use the KHALIFA FOUNDATION ’s information. Adherence to the policy
is to be strictly followed. Breach of the policy is subject to disciplinary actions / legal ramifications.
Page 6 of 6