Information Technology Policy Manual 2022

ENFORCEMENT

Any violation of this policy may lead to corrective action, up to and including dismissal from employment. The corrective action will depend upon the violation and be subject to the discretion of the employee’s supervisor/manager in accordance with Person nel Policy H-1 Corrective Action. Note: Some departments use Discipline Without Punishment as an alternative to H-1. The Police Department has its own corrective action process.

COMPLIANCE

It is the responsibility of City of Greensboro employees, contractors and consultants to ensure that the policy described in this document is followed. Employees, contractors and consultants must understand that protecting confidential information is a critical part of the City’s security strategy. The Cyber Security Team is authorized to limit access for employees, contractors and consultants that do not comply with this policy.

EXCEPTIONS

Requests for exceptions to this policy may be granted for systems or applications that have adequate security controls implemented. The security controls must provide good protection against Malware, cyber-attacks and other forms of threats. Requests must be submitted in writing to the Cyber Security and Compliance Manager for review and approval and must include the following details: 1) Purpose for requesting the exception 2) The risk to the City if the system or application becomes compromised 3) Mitigation controls that have been implemented to protect the system or application 4) End date for the exception

42 | P a g e