Skip Ribbon Commands
Skip to main content
SharePoint

Purpose

10   Access to the Internet in the World Health Organization (WHO) is governed by the Internet Access policy. Its purpose is to minimize the risks inherent in accessing the Internet and to ensure better protection to WHO and its information systems and data.

20   Information and Telecommunications (ICT) systems represent a considerable investment for the Organization and underpin the functioning of critical WHO business processes. The Internet Access policy seeks to promote the professional, ethical and lawful use of ICT systems in WHO and to ensure that Internet access is continuously reliable for all WHO users and critical business processes.

Scope

30   The Internet Access policy applies to everyone accessing the Internet through WHO’s ICT equipment and infrastructure, including without limitation staff members, interns, consultants, contractors, and visitors (referred to hereafter as "WHO Users") at any location. It also applies to all WHO Users who use personal or other equipment to access WHO ICT resources or perform work on behalf of the Organization.

Policy

Permitted use of ICT resources

40   WHO Users have a responsibility to use the WHO ICT infrastructure, including Internet access, in a professional, lawful and ethical manner. Within these guidelines, limited personal use of the IT infrastructure in headquarters, regional and country offices is allowed provided WHO Users exercise appropriate discretion, good judgment and restraint. Such usage must not interfere with the work assigned to the WHO User, or work assigned to other WHO Users or with the functioning of critical business applications and processes.

50   WHO Users are responsible for any misuse or overuse of WHO-provided Internet access for personal purposes and are accountable for any consequences arising from any established misuse or overuse.

60   WHO Users are responsible for safeguarding the confidentiality, integrity and availability of the WHO ICT resources to which they are granted access.

Internet access

70   WHO Users are granted general access to the Internet with the exception of content which the ICT infrastructure has blocked. This includes content that is considered malicious, for example, content that could lead directly or indirectly to virus contamination, could compromise ICT systems or represents substantial security risk. The access to such Internet sites will be blocked at all times in all WHO offices by the ICT infrastructure.

80   In addition, Internet access that creates the following risks will be progressively filtered as the risks come to light:

(a) Risks arising from potential abuse;

(b) Risks arising from potential liability;

(c) Risks arising from failure to comply with WHO’s Regulations, Rules and policies or with local, national or international laws;

(d) Illegal downloading or pirating of copyrighted material; and

(e) Any other access or activity that may bring the reputation of WHO into disrepute.

90   Each WHO office may implement additional filtering of access to Internet content to that described in paragraphs 70 and 80 above based on productivity concerns, bandwidth utilization, systems performance, human resources-related issues, local laws or any other legitimate business reason.

100   The mandate to filter further categories of content belongs to the respective Internet Usage Management Committee in each WHO office. For headquarters, the Internet Usage Management Committee is composed of: ADG/GMG, Director ITT and Director HRD. In the regions, the Internet Usage Management Committee is composed of DAF, HR and IT managers.

110   A list of categories of filtered Internet content will be established by each WHO office and published on its respective Intranet. It will specify Internet content that is:

(a) blocked at all times; or

(b) to which access is limited (e.g., may not be accessed during core office working hours).

Monitoring

120   In accordance with the WHO Policy on Acceptable Use of Information and Communication Systems, WHO administration reserves the right to monitor the use of WHO’s IT infrastructure by WHO Users, including access to the Internet, as well as the systems activity, transactions, and files. The purpose of this monitoring is to sustain and improve performance and to prevent abuse and misuse and for any other legitimate business purpose. Access to monitoring and system information (e.g. audit trails files) is governed by the provisions of the WHO Policy on Acceptable Use of Information and Communication Systems and the IOS policies and procedures.

Enforcement

130   The Internet Access policy is enforced through both technical and administrative measures. Technical measures will enable the appropriate filtering of Internet content and the monitoring of Internet usage.

Compliance

140   Reporting of alleged violations. All alleged violations of the Internet Access policy should be reported to the Global or Regional Service Desk or the appropriate information and communication systems authority responsible for administering the policy in the WHO location involved, who will investigate the allegation and (if appropriate) refer the matter to the relevant WHO authorities.

150   Disciplinary measures. For non-staff members, failure to comply with the Internet Access policy may result in various measures being taken against the individual or entity concerned, including ongoing compliance measures, removal of access, or for serious cases, termination of contract or initiation of legal proceedings. For staff members, such failure may result in disciplinary proceedings, which could result in a disciplinary measure up to and including summary dismissal in accordance with applicable WHO Staff Regulations and Rules.

Related Content
There is no related content specified for this page.
Publishing information
Version: 1.0
Published: 15/12/2011 18:00
View History  (Requires sign-in)