LEGISLATIVE COUNCIL PANEL ON
INFORMATION TECHNOLOGY AND BROADCASTING
Prohibition of the Use of Unauthorised Computer Software PURPOSE
in the Housing Authority and Housing Department
This paper informs members on the arrangements to prevent the use of unauthorised computer software in the Housing Authority (HA) and Housing Department (HD).
2. The HA and HD have an installation base of about 8,000 sets of microcomputer. They are installed in about 200 estates and outstation offices. Guidelines are issued to staff on the use and management of microcomputers. Such guidelines include the prohibition on the use of unauthorised software in the HA/HD's microcomputers. Relevant circular memorandum on the subject is circulated on a quarterly basis to remind staff that any use of unauthorised software is an infringement of copyright and is liable to both criminal and civil proceedings, and should therefore under no circumstances, be installed on the HA/HD's microcomputers. Immediate steps should be taken to remove such programs as soon as such incidents come to notice. Self discipline is very important.
3. As part of the HA/HD's internal control mechanism to identify gaps in existing systems so that remedial action can be taken to close them, the Internal Audit Section (IAS) of HD conducts system checks on a regular basis. The IAS has recently conducted an exercise to examine the adequacy and reliability of the controls in management of microcomputers and peripherals of the HD and to look into areas for further improvement. The audit covered policies, procedures and internal installation, use of licensed software, data security, maintenance, inventory record keeping, write off/disposal, custody and insurance.
4. One of the audit findings was that irrespective of the regular issue of reminders, unauthorised software was still found on some microcomputers, representing 13% of the microcomputers inspected. The IAS put forward a number of recommendations to tighten the control on use of unauthorised software. An extract of the IAS's report concerning the use of unauthorised software is at the Annex
5. The HA and HD take a serious view on the use of unauthorised software. Following the findings of the IAS, immediate actions have been taken to remove unauthorised software from the microcomputers in the estates/offices concerned. In addition, staff in other estates/offices have been requested to check again and confirm the non-existence of unauthorised software in the microcomputers under their charge. We are also making arrangements to conduct a compliance check on all microcomputers.
6. To further strengthen the control and usage of microcomputers, the following additional measures are being implemented -
- we have reviewed our guidelines including the roles and responsibilities of the PC Managers and will be releasing them in a more user-friendly form to inform and remind staff of the proper use of microcomputers ;
- to enhance staff general awareness, we will be stepping up in our education of staff on the proper use of microcomputers through microcomputer training sessions and newsletters ;
- we have nominated Branch Liaison Officers (BLO) within each Business Branch of the HD, who will be given the role of coordinating with the PC Managers enhancing the communication, management and control on the use of information technology within their respective Branches ; and
- To strengthen our monitoring and compliance programme, we will -
- designate a staff member in each estate/office to conduct quarterly checks on microcomputers within his/her estate/office and to report incidents to his/her BLO who would consolidate and report to the Branch Heads ;
- the Officers suspected to have installed unauthorised software would be asked to explain personally to the Branch Head. They would be subject to disciplinary actions where warranted ; and
- to conduct bi-annual random checks centrally for compliance.