CITY OF SAN
D
IEGO
Information Security Policy Acknowledgement Form – City
Employees
Policy Summary (pertinent excerpts from Administrative Regulation 90.63):
4.1.2. All computer files developed, created or enhanced within the scope and course of City employment, or a City
third-party contractual relationship, are the property of the City of San Diego, regardless of their physical location or the
form in which they are maintained. These include, but are not limited to, computer data files, documents, databases,
spreadsheets, calendar entries, appointments, tasks, and notes which reside on any City Computer Systems or Computer
Equipment, or the Computer Equipment of a contractor performing work for or on behalf of the City.
a. The City reserves the right to access and disclose as required or permitted by law, and as defined in the
approved Information Security Standards and Guidelines, all messages and other electronic data sent over its
Email systems or stored in computer files on City Computer Equipment. City-related computer files stored on
non-City or personal computers must be provided upon the City’s request in City standard formats.
4.1.4. Authorized access to City Computer Systems and Network Services shall be at the minimum level required for the
Individual to perform and complete their assigned duties, and not at a level that allows access to information beyond the
scope of that Individual’s assigned duties.
4.1.5. Each Computer System or Network Services User ID must uniquely identify only one User. Generic, shared, or
group User IDs are not permitted. [...] Network security groups may be used to combine Users access rights. Approved
group Email accounts may be shared by multiple Users who each have unique User IDs.
4.3.1. Users must be responsible in their use of City Computer Equipment, and Network Services. Any action that may
cause interference with City Computer Systems, exposes the City’s Computer Systems to risk or adversely impacts the
work of others in using these Computer Systems is prohibited.
4.3.2. Employees may be disciplined in accordance with standard City procedures for improperly using or knowingly
allowing the improper use of the City’s Computer Equipment, Network Services or Email system as stated in this
regulation. Abuse of the City’s Computer Systems may result in disciplinary action, up to and including termination and
criminal prosecution if deemed appropriate.
4.3.4. Every end User must have a single unique User ID and a personal password which must be kept confidential and
not shared with anyone else. This User ID and password will be required for access to all multi-user Computer Equipment
and Network Services. User passwords must comply with the Information Security Standards and Guidelines.
4.3.5. Users accessing City Computer Systems are prohibited from gaining unauthorized access to any other non-City
Computer Systems or in any way damaging, altering or disrupting the operations of those systems. Users are also prohibited
from capturing or otherwise obtaining passwords, encryption keys, or any other access control mechanism which could
permit unauthorized access.
Employee/Supervisor Acknowledgement
By signing below, the employee acknowledges that he or she has been advised of the City’s policies
related to Information Security as provided in Administrative Regulation 90.63 (“Information Security
Policy”), which has been discussed with his or her supervisor, and further acknowledges that he or she
understands and agrees to comply with the provisions of the policy. Employee understands that this
form will be kept as part of his or her departmental employee file, and that he or she may receive a copy,
if requested. The supervisor acknowledges that he or she has discussed the policy (A.R. 90.63) with the
employee named below and understands the supervisor’s obligations regarding Information Security
under this policy.
Employee’s Name (Print Legibly)
Employee’s Signature Date Signed
Supervisor’s Name (Print Legibly)
Supervisor’s Signature Date Signed
Form IT-063 (04/2017) (City Employee Form)