IT Acceptable Use Policy

1. Purpose

This policy defines the requirements and protocols for utilising Evolution Mining’s (“EVN”, “Evolution” or “the Company”) Information, Communication and Technology System (“ICT”) infrastructure to ensure that these are used in an appropriate and compliant manner, consistent with the values and relevant policies of the Company, and which does not compromise the integrity and security of the Company’s assets and data. The Company owns the EVN ICT infrastructure. This includes all computer systems such as computer network equipment, servers, desktop and notebook computers, fixed and mobile communication devices and tablets, and the electronic information resources (“Computer Systems”) used for business purposes within the group.

2. Scope

This policy applies to all Evolution employees and contractors (“Employees”) using any ICT infrastructure supplied by the Company or using a personal device on the Company’s ICT infrastructure.
Evolution’s Executive Chairman has the overall responsibility for the confidentiality, integrity, and availability of corporate data.
The Executive Chairman has delegated the responsibility for the execution and maintenance of the Company’s IT Infrastructure to the Vice President – Information Technology.
All Company employees are required to act in accordance with company policies and procedures.

3. Policy

3.1 Employees must ensure that usage of the Computer Systems, including all email communication complies with the Privacy and Confidentiality policies of the Company and Employees must not access, copy or disseminate confidential information to unauthorised Employees or third parties

3.2 Employees must not attempt to gain unauthorised access to any computer system or circumvent their authorised access. This includes, but is not limited to, attempts to gain access using another Employee’s user ID and password.

3.3 Employees must not use another employee’s email account to send email messages.

3.4 Employees must not share their unique user ID and password (“login credentials”) with other Employees or allow third parties to access the Company’s computer systems using their login credentials or use, copy or disseminate any material which the Company owns or has copyright in, to any third parties unless expressly authorised. Employees are personally accountable for all data and actions recorded under their unique login credentials. Employees who wish to arrange access to the Company’s computer systems for third parties must contact the IT Service Desk to arrange such, provided the required written authorisation has been provided.

3.5 Employees must not attempt to circumvent, disable, or remove any security measures implemented to protect the computer systems, applications, or the network such as firewalls or anti-virus software.

3.6 Employees must not intentionally engage in any activity which directly or indirectly has the effect of introducing a computer virus or malicious software on the Computer Systems of the Company.

3.7 Employees must not download install, operate, copy or distribute unlicensed or proprietary software applications, including any software which is not authorised as part of the standard operating environment on EVN computers or which infringes on the copyright of any third party.

3.8 Employees must not download or install any file sharing or peer-to-peer programmes for personal use, including any unauthorised or copyrighted material from the Internet, such as downloading copyrighted music or movie content via peer-to-peer networks.

3.9 Employees must not download computer utilities or tools that are primarily designed for gaining illegal access to other computer systems (usually referred to as hacking or cracking tools).

3.10 Employees must not use the computer systems for viewing, transmitting, receiving or storing of material, communication and/or information which may reasonably be regarded as inappropriate, fraudulent, discriminatory, harassing, defamatory, sexually explicit, obscene, offensive or threatening, or for any other purpose which is illegal or against Company policy or values or contrary to the public interest including accessing websites that deal with criminal activity, including (but not limited to) those involving or related to illegal drugs, computer hacking/cracking, the creation of malicious software (malware), terrorism, and illegal weapons.

3.11 Employees must not use search terms that are likely to result in lists of, or images from, unacceptable web sites.

3.12 Employees must not disseminate emails promoting, political or religious material of any kind.

3.13 Employees must not use social media in breach of their employment obligations and/or the Company’s Privacy, Confidentiality, HR and Media Protocol policies such as disclosing confidential information or making comments affecting, or likely to affect the Company, its stakeholders, brand or reputation on social media websites. This includes but not limited to websites such as Facebook, Linked-in, Instagram or Twitter.

3.14 Employees must not send or forward emails containing libellous, defamatory, offensive, racist or obscene remarks. If you receive an email of this nature, you must promptly notify your supervisor or line manager and the IT Service Desk.

3.15 Employees must not access Web sites or applications for personal use that consume excessive network resources (bandwidth) for long periods of time, such as multiplayer games, virtual worlds, large file transfers and streaming media.

3.16 Employees must not use the internet to operate any commercial activity, including a personal business or any undertaking that offers personal gain using the Company’s ICT infrastructure.

3.17 Employees must not attempts to break into, or illegally access or damage, other computer systems or data. (Note: the Company is not responsible for an employee’s use of the internet that contravenes any applicable law).

3.18 Employees must report to the IT Service Desk if they become aware or have any reason to believe that a violation of this policy by another employee or any third party has occurred or is likely to occur.

3.19 Employees must not intentionally remove, delete or destroy any electronic records, documents or reports from the Company’s computer systems except in the ordinary course in the performance of their assigned duties.

3.20 Employees must not make copies of any electronic records, documents or reports from the Company’s computer systems for any third party except as part of their assigned duties or in circumstances where there is a Confidentiality Agreement in place.

4. Non-compliance

Failure to comply with the IT and any associated Company policies may result in the suspension or termination of access to any or all the ICT Infrastructure and Computer Systems, connectivity privileges, disciplinary action, and possible termination of employment.

5. Related policies and guidelines

The Company has developed a set of policies to support the IT Infrastructure which includes the physical devices and software applications used across the Company. All IT policies should be read in conjunction with the Company Confidentiality and Privacy policies and employees must understand how the policies interrelate with the IT policies.

Policy Name Policy Number
IT Policy Principles and Guidelines
Privacy Policy
Confidentiality Policy
Media Protocol Policy and Procedure
Code of Conduct Policy
External Communication Policy
Scroll to Top