These SyOPs will detail the responsibilities and procedures to be followed by all users who have access to the Affinitext library.
These are in addition to the DII/MODNet SyOPs already agreed to by users with DII/MODNet accounts, and in some cases supersede them.
The highest Classification of information that can be stored and processed on Affinitext is OFFICIAL-SENSITIVE.
The user is to ensure that:
• They have read and indicated compliance with these SyOPs.
• They have returned the signed Certificate of Understanding below or have responded electronically to confirm their understanding and their intention to comply with the Affinitext Security Operating Procedures.
• They have read and will comply with MOD’s Acceptable Use Policy, JSP 740.
Acceptable use policy (JSP 740) – GOV.UK (www.gov.uk)
• All passwords and access codes should be kept separately from the device and protected as OFFICIAL-SENSITIVE data; in a locked cabinet, accessible only to those with a business need . Passwords will not be shared with anyone else.
• Guidance on working at OFFICIAL, (including OFFICIAL-SENSITIVE) can be found here:
Guidance 1.1_ Working at OFFICIAL.docx (publishing.service.gov.uk)
• The Affinitext library is used for official purposes only.
• Where the transfer of data, hard or soft copies, is required, it must be authorised and compliant with the Data Protection Act 2018. Instructions on correct methods of transfer should be provided with authorisation and can be clarified by DIO-WARP@mod.gov.uk
• Data storage media no longer required is disposed of or destroyed by an approved method. Advice on approved methods of destruction of specific types of data storage media should be sought from the DIO CIO ITSO.
• Any technical issues with Affinitext are reported to support@affinitext.com.
• If they have access to any parts of the Affinitext library that they should not have access to, then it is reported to support@affinitext.com as soon as possible.
Users should be aware that these accounts will be audited on a regular basis. Any identifed breach of security or unreported incident may lead to disciplinary action and/or the facility being withdrawn.
In the event of a security incident occurring this should be reported immediately to the DIO WARP DIO-WARP@mod.gov.uk and support@affinitext.com.
I confirm that I have read and understood the Security Operating Procedures for Affinitext Users Version 2 (August 2023)
I, the undersigned, have read and agree to comply with these Security Operating Procedures.
I understand that failure to comply with these Security Operating Procedures shall be treated as a serious disciplinary matter.
