job function. Access to confidential information on a "need to know" basis only. Security Administrator Highest level of security clearance. Allowed access to all computer systems, databases, firewalls, and network devices as required for job function. Systems Analyst/Programmer Access to applications and databases as required for specific :ob function. Not authorized to access routers, firewalls, or other network devices. Contractors/Consultants Access to applications and databases as required for specific job functions. Access to routers and firewall only if required for job function. Knowledge of security policies. Access to company information and systems must be approved in writing by the company director/CEO. Other Agencies and Business Partners Access allowed to selected applications only when contract or inter agency access agreement is in place or required by applicable laws. General Public Access is limited to applications running on public Web servers. The general public will not be allowed to access confidential information. Monitorl g Use of Computer Systems The company has the right and capability to monitor electronic information created and/or communicated by persons using company computer systems and networks, including e-mail messages and usage of the Internet. It is not the company policy or intent to continuously monitor all computer usage by employees or other users of the company computer systems and network. However, users of the systems should be aware that the company may monitor usage, including, but not limited to, patterns of usage of the Internet (e.g. site accessed, on-line length, time of day access), and employees' electronic files and messages to the extent necessary to ensure that the Internet and other electronic communications are being used in compliance with the law and with company policy. Access Control A fundamental component of our Cyber Security Policy is controlling access to the critical information resources that require protection from unauthorized disclosure or modification. The fundamental meaning of access control is that permissions are assigned to individuals or systems