Cyber Security Policy Manual

P OLICY E NFORCEMENT Any violation of this policy may lead to disciplinary action, up to and including dismissal from employment. The disciplinary action will depend upon the violation and be subject to the discretion of the employee’s supervisor/manager in accordance with Pers onnel Policy H-1 Discipline Without Punishment (DWP) Policy. The Fire and Police Departments have their own corrective action processes.

P OLICY C OMPLIANCE

It is the responsibility of City of Greensboro employees, contractors and consultants to ensure that the policy described in this document is followed. Employees, contractors and consultants must understand that protecting confidential information is a critical part of the City’s security strategy. The Cyber Security Team is authorized to limit acce ss for employees, contractors and consultants that do not comply with this policy.

P OLICY E XCEPTIONS Requests for exceptions to this policy may be granted for systems or applications that have adequate security controls implemented. The security controls must provide good protection against Malware, cyber-attacks and other forms of threats. Requests must be submitted in writing to the Cyber Security Team for review and approval and must include the following details: 1) Purpose for requesting the exception 2) The risk to the City if the system or application becomes compromised 3) Mitigation controls that have been implemented to protect the system or application 4) End date for the exception

Cyber Security Policy Manual

51