IT Services
ACCEPTABLE USE OF UNIVERSITY IT SERVICES
Revision No: 3.0 August 2015
Review Date: January 2017
1
Introduction
1.1
Purpose of Policy
The aim of this document is to define the Manchester Metropolitan
University's policy for acceptable use of Information Technology (IT)
resources and systems.
1.2
Scope
This policy applies to all users of MMU’s IT services, systems, software and
devices. For clarity, users using their own, personal devices which they
connect to the University network are bound by this policy.
1.3
Roles & Responsibilities
This policy is implemented by IT Services and defines the responsibilities of
all users of MMU IT resources.
1.4
Associated policies
This policy should be interpreted in a manner consistent with all other University
policies, particularly the Information Security Policy and the Acceptable Use of
Social Media Policy. The current versions of the University’s IT policies can be
found at: www.mmu.ac.uk/itservices/policy/
While all areas of the University are beholden to this policy, it should be used as a
foundation by which additional regulations and guidance may be introduced,
where there is a need for additional, specific or specialist regulations for groups of
users using University IT.
2
Definitions
The following definitions apply throughout this document:
2.1 “IT resources” includes any IT services, systems, software and devices
that are:

The property of the University
Revision No: 3.0
Aug 2015
Review Date: Aug 2016
IT Services

Leased/rented or on loan to the University

The property of third parties affiliated to MMU, located on campus

Connected to a University network, device or system (including personal
devices)

Used to handle or store University data

Licensed to the University, for example, software, library catalogues
and database services

“Devices” includes any technology which is used to handle
information on behalf of or belonging to the University. From desktop
PCs, Macs and laptops, to mobile devices like smartphones and
tablets, but also storage devices such as memory sticks, cards, discs
or drives.
2.2 “the University” and “MMU” refer to Manchester Metropolitan
University, including all of its campuses and subsidiaries.
2.3 “users” refers to anybody who accesses the University’s IT resources in any
way. This includes, but is not limited to, all members of staff, contractors, students
(both full and part time), associates, guests and temporary users.
2.4
Acceptable Use
Acceptable use of the Manchester Metropolitan University’s IT resources is
defined as any use:


2.5
in support of the University’s teaching, learning, research, consultancy
and administrative activities;
which does not come under the category of prohibited use.
Prohibited Use
Prohibited use of the University’s IT resources is defined as their use:

in contravention of any laws, policies or regulations

to intentionally access, create, store or transmit material which the
University may deem to be offensive, indecent or obscene (other
than in the course of academic research where this aspect of the
research has the prior, explicit approval of the University’s official
processes for dealing with academic ethical issues)

to create, download, store or transmit unlawful material, or material
that is indecent, offensive, defamatory, threatening, discriminatory
or extremist.
Revision No: 3.0
Aug 2015
Review Date: Aug 2016
IT Services

to send threatening, defamatory, abusive, obscene or otherwise
offensive messages

in a way which may, or is likely to cause harm or needless annoyance to
anyone else

to cause harm to the University’s reputation, or that of its staff or
students

to commit the University to any contractual obligations without
obtaining the appropriate authority
in a manner which interferes with those activities covered within the
definition of Acceptable Use

3

for unauthorised, personal commercial gain

which otherwise acts against the aims and purposes of the
University as specified in its governing documents or in rules,
regulations and procedures adopted from time to time.
Applicable Laws and Regulations
Users are bound by the laws of England and Wales when using the
University’s IT resources. In addition, when using MMU devices or
accessing the University’s network from abroad, users must adhere to the
laws of that country too
4

It is the user’s responsibility to ensure his or her activities comply
with these laws

The use of University IT resources is subject to all relevant University
regulations

When making use of the internet, the acceptable use policies of the
carriers apply, in particular, the Joint Academic Network
(JANET).(See https://community.ja.net/library/acceptable-use-policy
for the JANET Acceptable Use Policy).

The University has a statutory duty, under the Counter Terrorism
and Security Act 2015, to aid the process of preventing people being
drawn into terrorism.
Personal Use

While the University’s IT resources are made available principally to
support the furtherance of an individual’s employment or course of
study with the University, it is recognised that users may
Revision No: 3.0
Aug 2015
Review Date: Aug 2016
IT Services
occasionally want to use these resources for their own purposes
5

Provided that such personal use is not prohibited or excessive and
does not detract from or interfere with the acceptable use of
University IT resources, it will normally be tolerated

While IT resources may be used for personal use it is not
recommended that users store or share sensitive or personal data
as the University cannot guarantee privacy for personal use

The University reserves the right to withdraw access to IT resources
for personal use at any time and may remove or modify information
(including personal data) held on its IT resources.
Monitoring & Access
The University does not routinely engage in systematic monitoring or filtering
activities, but reserves the right to do so, (in accordance with any relevant
legislation) for the following purposes:





to ascertain compliance with UK law and MMU regulations/procedures
in the interests of national security
to prevent/detect crime
to investigate or detect prohibited use of resources
to safeguard the security or effective operation of the University’s IT
systems.
The University retains a right of access to all information held on University
computing facilities and to all user accounts (including email, files and data)
where there is a clear business need.
6
The University’s Disciplinary Procedure
The University’s policy on the prevention of prohibited use is:

to make all staff and students aware of this acceptable use policy

to educate staff and students in matters relating to acceptable use

to take swift and effective action within existing disciplinary and/or
legislative frameworks to address any user found to be using the
University’s IT services in a prohibited manner.
Where prohibited use of IT resources has been identified, the matter will be
the subject of investigation in accordance with the appropriate disciplinary
procedure.
Any prohibited use which is deemed to be in contravention of the law and/or
Revision No: 3.0
Aug 2015
Review Date: Aug 2016
IT Services
which involves the intentional access, creation, storage or transmission of
material which may be considered indecent or obscene will be regarded as
an act of gross misconduct on the part of staff. This would also qualify as an
act for which students may be expelled under the student disciplinary
procedure.
The only exception to this is under special circumstances, where, in the
course of academic research, there is an element of the research that
requires this access. In this case it would require prior, explicit approval
through the University’s official processes for dealing with academic, ethical
issues.
7
The University’s Exit Procedures
Upon leaving the University it is expected that users:





will promptly return all University IT equipment in reasonable working
condition
should not delete any data which belongs to the University and which the
University may need in future
should ensure any data which may be needed by the University is transferred
to an appropriate colleague prior to their departure
should ensure any of their own data that they wish to keep is removed from
the University’s resources, as they will not be entitled to access this (and the
University will not retrieve it for them) once they leave
review and conform to any other procedures set out by the University in
relation to your departure. Line managers and student support services are
best placed to advise on this.
Version Number and Approval Dates
Version
3.0
Approved August
Date
2015
Date for
Review:
Author Name & Job
Title
Brendon Kenny
IT Marketing
Communications Manager
Approved by:
(Board/Committee)
August 2016
This policy is subject to regular review to reflect the changing
nature of IT services.
Revision No: 3.0
Aug 2015
Review Date: Aug 2016