Our User Information Security Policy can be used to maintain the security and integrity of your organization’s information systems, which highlights the responsibilities and expected behaviors of employees to prevent unauthorized access, misuse or damage to the company's digital assets. The policy includes specific sections on testing information system controls, which restricts employees and external parties from testing or compromising internal controls without proper authorization. It also addresses the exploitation of system security vulnerabilities, strictly prohibiting employees from using known vulnerabilities for unauthorized activities.

Additionally, the document mandates immediate reporting of any information security incidents, such as virus infections or unauthorized access attempts, to ensure swift action and minimize potential damage. Furthermore, it requires users to report lost or stolen system access tokens promptly to prevent unauthorized access. Overall, this policy is essential for enforcing security protocols among employees and ensuring that all personnel adhere to best practices in information security.

Under this policy, employees must not exploit vulnerabilities or deficiencies in information systems security to:

• Damage systems or information.
• Obtain resources beyond those they have been authorized to obtain.
• Take resources away from other users.
• Gain access to other systems for which proper authorization has not been granted.