員工信息安全行為規(guī)范翻譯-中英 Behavior norm of staff information safety Edition record 版本Edition 變更理由 Alteration reason 編寫 Audit 發(fā)布日期 Date issued 生效日期Effective date 1.0 版本建立 批準人（簽名）： Approved by (Sign): 日期: Date: 員工信息安全行為規(guī)范Behavior specification of staff information safety 1. 目的Purpose 通過《員工信息安全行為規(guī)范》，建立員工日常行為的可操作性規(guī)范，以促進公司信息安全目標的的實現(xiàn)。Regulation of “Behavior norm of staff information safety” set up daily effective norm of staff behavior, so as to promote the realization information safety of company. 2. 適用范圍Scope of application 本方針的適用對象主要包括所有部門，必要時還包括相關的外部人員（與公司有關的集成商、軟件開發(fā)商、產品提供商、顧問、商業(yè)合作伙伴、臨時工作人員和客戶以及其他第三方機構或人員等）。上述對象在利用公司的信息或接入公司信息系統(tǒng)時，均必須遵守該行為規(guī)范。The application scope of this guiding principle includes all departments; it also includes relevant external personnel in case of necessity (Integration supplier, software developer, products manufacturer, advisor, commercial cooperative partner, interim staff member and customer and other third party's organization or personnel of company). Above-mentioned parties shall observe this behavior norm while utilizing information of the company or access company's information system, 2.1. 職責Duty  HR部HR department 根據公司安全管理的實際情況，制定/修訂本員工行為規(guī)范；According to the actual conditions of company's safety management, formulate / revise the edition of behavior norms of staff;  HR部、IT部及行政部HR department, IT department and administration department 監(jiān)督和檢查本規(guī)范的執(zhí)行。Supervise and check the execution of this normal.  所有員工（包括臨時員工及相關的外部人員）：All staff (include interim staff and relevant external personnel): 遵守該行為規(guī)范，并報告發(fā)現(xiàn)的任何違規(guī)行為Observe this behavior norm, and report any unlawful practice found 3. 術語和定義Terms and definitions 4. 相關/支持性文件Relevant / supporting document • 《信息安全手冊》“Manual of information safety” • 《信息密級分類及管理指南》“Classification and management guideline of confidential information” • 《用戶權限管理程序》“Authority management procedure of user” • 《辦公場所安全管理規(guī)范》“Safe management standard in office” 5. 記錄管理Record management 記錄 Record 保存期限Storage period 位置 Position 責任人 Person liable 6. 規(guī)范內容Regulation content 6.1. 保密信息管理Management of confidential information  根據《信息密級分類及管理指南》的相關規(guī)定標識和保護所使用、保管和建立的信息。In accordance with the regulation of relevant fixed identification and protection, store and formulation information of “Classification and management guideline of confidential information”.  因工作需要訪問密級為秘密及以上信息的，需要向本部門負責人或信息所有者提出申請，有關權限的申請，遵循《用戶權限管理程序》。Visit confidential information in need of work shall submit an application to the department head or the information owner; as for the application of the authority shall observe the regulation of “Authority management procedure of user”. 6.2. 辦公場所出入管理The entry and exit management of office building  遵循《辦公場所安全管理規(guī)范》。Observe the regulation of “Safe management standard in office”. 6.3. 便攜式計算機設備安全管理Safety management of the equipment of portable computer  只有被批準的便攜式計算機設備才能允許接入公司辦公網絡；Only the portable computer equipment with authorization may access to the network of official business of company;  未經授權，不得在公司內部使用非公司筆記本電腦；Without permission , it is prohibited to use the notebook computer not to use inside the company;  在使用公司辦公網絡的同時，未經授權，不得連接第三方網絡；While accessing official network of company, it is prohibited to access to network of the third party without permission;  便攜式計算機設備丟失或被竊應及時報告；Report in time while the portable computer equipment is lost or stolen;  未經授權，便攜式計算機設備內禁止存放客戶數(shù)據以及未加密的秘密以上信息。Without permission, it is prohibited to store customer's data and unencrypted information in the portable computer. 6.4. EMAIL管理EMAIL management  未經授權禁止使用郵箱發(fā)送代碼及數(shù)據，禁止向外部發(fā)送公司代碼及數(shù)據；It is prohibited to send the code and data without permission with E-mail; it is prohibited to send company's code and data to the outside;  禁止在公司內使用個人信箱和外部公用信箱；It is prohibited to use the personal mailbox and outside public mailbox in company;  公司信箱只能用于公司目的，公司有權對所發(fā)送的內容進行監(jiān)控；The company mailbox can only be used in company's purpose , the company has the right to supervise the content;  通過EMAIL發(fā)送保密信息必須遵循《信息密級分類及管理指南》的相關規(guī)定；The confidential information send through EMAIL shall follow relevant regulation on “Classification and management guideline of confidential information”;  禁止利用公司郵箱發(fā)送或者轉發(fā)虛假、黃色、反動信息；It is prohibited to use the company postbox to send or transmit false, obscene, reactionary information;  禁止利用公司郵箱發(fā)送或者轉發(fā)宣揚個人政治傾向或者宗教信仰；It is prohibited to use the company postbox to send or transmit and advocate personal political orientation or religious belief;  禁止利用公司郵箱發(fā)送或者轉發(fā)發(fā)送垃圾信息；It is prohibited to use the company postbox to send or transmit and send the rubbish information;  禁止利用公司郵箱發(fā)送或者轉發(fā)能夠引起連鎖發(fā)送的恐嚇、祝賀等信息；It is prohibited to use the company postbox to send or transmitting the threatening and congratulating information that can cause the chain reaction;  Email發(fā)送的附件大小不能超過20M；The size of the enclosure of Email shall not exceed 20M ; 武漢翻譯公司 2013.12.7