Information Security Policy

Introduction

Computer information systems and networks are an integral part of business at Hano Document Printers. The company has made a substantial investment in human and financial resources to create these systems.

The enclosed policies and directives have been established in order to:

• Protect this investment.

• Safeguard the information contained within these systems.

• Reduce business and legal risk.

• Protect the good name of the company.

Violations

Violations may result in disciplinary action in accordance with company policy. Failure to observe these guidelines may result in disciplinary action by the company depending upon the type and severity of the violation, whether it causes any liability or loss to the company, and/or the presence of any repeated violation(s).

Administration

The information services manager (IS manager) is responsible for the administration of this policy.

Contents

The topics covered in this document include:

• Statement of responsibility

• The Internet and e-mail

• Computer viruses

• Access codes and passwords

• Physical security

• Copyrights and license agreements

Statement of responsibility

General responsibilities pertaining to this policy are set forth in this section. The following sections list additional specific responsibilities.

Manager responsibilities

Managers and supervisors must:

1. Ensure that all appropriate personnel are aware of and comply with this policy.

2. Create appropriate performance standards, control practices, and procedures designed to provide reasonable assurance that all employees observe this policy.

IS manager responsibilities

The IS manager must:

1. Develop and maintain written standards and procedures necessary to ensure implementation of and compliance with these policy directives.

2. Provide appropriate support and guidance to assist employees to fulfill their responsibilities under this directive.

The Internet and e-mail

The Internet is a very large, publicly...