Technology in schools procedures
Direction and guidance for school staff to safely use information, communication and digital technologies to enable a connected, informed and empowered learning experience and support streamlined administration processes.
Audience
All school staff and contractors, consultants, volunteers, and committee members engaged by schools.
| Version | Date | Description of changes | Approved by |
|---|---|---|---|
V01.2.0 | 18/06/2026 | Updated to clarify and simplify wording relating to the roles and responsibilities of staff, teachers and administrative staff. Removed outdated or unnecessary references, and made minor language and procedural updates to align with current department systems and processes. | Chief Information Officer |
V01.1.1 | 03/07/2024 | Procedure updated to delete reference to the Finance in Schools Handbook (FISH) and replaced with reference to the Financial management (schools) procedures. | Executive Director, Digital Learning |
V01.1.0 | 24/06/2024 | Procedure updated to delete references to the decommissioned Education Business System (EBS). | Director, Digital Student Management |
| V01.0.0 | 14/03/2024 | Under the 2023 Policy and procedure review program, new procedure developed consolidating and clarifying mandatory requirements previously provided through department web pages. | Chief Information Officer |
About the policy
This procedure supports the Technology in schools policy.
| Term | Definition |
|---|---|
| Asset | A physical item that costs $10,000 or more (excluding GST) and/or generates future benefits for a school beyond one year, or software where the value is $50,000 (excluding GST) or more. |
| Equipment | An individual item costing less than $10,000 (excluding GST). |
Principals:
- ensure staff access rights to school technology systems are appropriately approved, regularly reviewed and promptly removed when no longer required, in accordance with the Cyber security policy and standards (refer to Policies, strategies and standards [staff only]), and Privacy standards.
Teachers:
- support student access to technology to enable their participation in learning programs and activities
- support students to comply with the Student use of mobile phones in schools policy and the Digital devices and online services for students policy and report breaches to school executive
- promptly report breakages or technical issues with devices, software, online services or connectivity to the school’s ICT coordinator or EDConnect
- perform technology-related delegated roles.
School administrative and support staff:
- use department technology systems to support school operations
- perform technology-related delegated roles
- promptly report breakages or technical issues with devices, software, online services or connectivity to the school’s ICT coordinator or EDConnect
- manage student data and enrolments in the Enrolment and Registration Number (ERN) system and Online Enrolment System (OES).
Technology support officers and other contractors:
- perform roles and responsibilities as provided in their role statements.
What needs to be done
This procedure guides principals and school staff to safely use digital technologies and systems to support student learning and school administration processes.
For advice on managing inappropriate student use of digital devices, online services and mobile phones, refer to:
- the Digital devices and online services for students policy and procedures
- the Student use of mobile phones in schools policy and procedures.
Principals should manage online student behaviour according to the school’s existing behaviour support and management plan and the Student behaviour policy.
For information on appropriate staff use of digital devices, online services and mobile phones, refer to:
- the Digital devices, services and information – staff use policy and procedures
- Code of ethics and conduct procedures.
1.Manage student access to technology systems and devices
1.1. Manage passwords and systems
Schools manage student passwords through the Educational Management Utility (EMU). This allows principals or delegates to reset passwords for school students (refer to Manage student passwords).
Web filtering helps provide a safe browsing environment for students and staff. When a student or staff member logs onto the department network, web filtering is automatically activated (refer to Manage web filtering).
Staff wanting to override blocks on YouTube videos will need to complete training on using Restricted Mode YouTube, gain access and review each video before approving it for student use (refer to Access YouTube in restricted mode).
Staff must:
- encourage students to assume responsibility for the security of their digital identities as early as possible, recognising the different abilities of individual students
- give students full control of their own passwords by Year 6 at the latest, except where assistance is required by a student with a disability or where a student requests assistance with resetting a password
- help students to understand the importance of protecting their digital identities, including their education.nsw.gov.au accounts
- encourage safe online behaviours by students, beginning with their first uses of technology in schools.
- manage student data and enrolments in the Enrolment and Registration Number (ERN) system and Online Enrolment System (OES) to enable student access to systems and devices
- use the Education Management Utility (EMU) to manage student internet and email access, if required.
Staff should:
- use the department’s web filtering (staff only) tool to check whether the websites they want to use are not blocked for student use
- request to unblock and block websites as needed by logging an online query through EDConnect online (staff only) or by calling 1300 32 32 32.
Kindergarten to Year 10 students have access to YouTube in restricted mode, to support their learning. This means they can only view those videos that YouTube considers child friendly.
Principals can nominate staff at their school to be approvers to override blocks on desired YouTube educational videos.
Nominated staff who wish to manage the availability of blocked videos for students must:
- complete the professional learning course on YouTube restricted mode implementation (staff only)
- request access to YouTube through the Manage My Access (MMA) application in the staff portal
- review each video before approving it for student use. Once a video is approved for viewing in restricted mode, it can be viewed by any student in any school.
Refer to YouTube restricted mode (staff only) for more guidance.
Students in Years 11 and 12 are permitted to switch out of restricted mode.
1.2 Ensure access to devices and systems is equitable
Schools may lend students devices for learning at home. This helps students who do not have a computer or the internet at home (refer to section 6.5 Loaning assets and equipment in Financial management [schools] procedures [staff only]).
Schools must ensure that chosen technology services meet accessibility compliance requirements (refer below to Ensure technology services are accessible for students).
Principals and delegates approve the loan of digital devices to students.
Teachers and administrative staff:
- help students borrow school digital devices for home learning
- ensure students know their department password and how to reset it through the student portal
- support students to use systems such as Google Classroom and Microsoft Teams (refer to Technology for Learning), or other school learning management solutions (refer to Technology for Learning Professional Learning Resources).
Some students require reasonable adjustments to their learning and support needs under the Disability Standards for Education 2005. A disability may include a medical condition impacting a student.
Schools must ensure that chosen technology services are accessible for students and are compliant with accessibility requirements. This includes:
- content (such as documents or e-books)
- platforms (such as mobile apps and web sites)
- services
- devices and applications
- telecommunications or video conferencing and online meeting technologies.
For some students with disability, supplementary equipment and/or technology support is an essential component for facilitating learning, enabling their access to and participation in the Preschool to Year 12 curriculum and supporting progress towards their educational goals. The department’s Student Wellbeing Support directorate has an existing process, as outlined below, to facilitate access to technology for students with disability.
Where a student requires additional technology support or equipment not listed in Technology for Learning (T4L), or on Standard Devices for Schools (staff only), principals or delegates must:
- identify the need for specific technology or equipment to facilitate learning and enable student access to and participation in the curriculum
- ensure the identified need is supported with a specialist report, for example speech pathologists, physiotherapist, occupational therapist or other specialist health providers
- contact the local learning and wellbeing officer (through School Support Contacts) to access the Support Technology and Equipment Program (STEP) request form.
The local learning and wellbeing officer can provide further information on the STEP process and eligibility of students.
2. Manage staff access to department systems and data security
Staff can request for access with principals or their delegate(s) managing staff access and their requests to department systems through the:
- Manage My Access (MMA) and Manage Staff Access (MSA) mobile-enabled applications (refer to Manage My Access and Manage Staff Access to department systems below)
- Staff Management Utility (SMU) (refer to Manage staff passwords and user details)
All staff are required to:
- take appropriate steps when leaving the department (staff only) to ensure department technology standards are met
- return any department-issued devices to the school
- maintain security of the department’s systems and data, and report data breaches (or suspected data breaches) immediately (refer to Ensure data is secure and report breaches).
Staff can use 2 applications to apply for and receive access to department systems:
- teachers and administrative staff can use Manage My Access (MMA) to submit access requests
- principals or delegates can use Manage Staff Access (MSA) to approve appropriate staff access requests.
Refer to Access management experience (staff only) for further information and user guides.
The Staff Management Utility (SMU) contains sensitive personal information about staff. It allows staff to access staff details such as user ID, location and contact details. As SMU contains personal details for each staff member such as date of birth and their home address, principals or delegates should limit the school’s SMU authorisers.
Principals have the authority to:
- reset staff passwords
- add or remove casual staff at their school
- grant application access to staff, using the Manage Staff Access (MSA) application
- delegate authoriser access level to others, such as a deputy principal, using Manage Staff Access (MSA).
The Enrolment and Registration Number (ERN) system is a web-based, central database that manages the student enrolment processes and is accessed through the staff portal (refer to ERN support).
To manage student enrolment in ERN, principals:
- collect and accurately maintain student and family information in ERN to meet legislative requirements and ensure student wellbeing and safety
- ensure staff are aware of roles and access rights in student wellbeing applications.
Principals must ensure that access to student information is given only to staff with on a strict 'need to know' basis, in accordance with the NSW Government Information Protection Principles (IPPs) for agencies.
All staff must take steps to ensure the department’s systems and data are secure. This includes:
- completing MyPL – Mandatory Training (staff only) training modules on data security and privacy, including the reporting data breaches training module for all staff, and managing data breaches module for principals
- taking the prescribed actions if their account has been compromised, please refer to the Cyber security policy and procedures for the required actions
- ensuring their mailbox is protected by following the guides on the web page, I am cyber safe (staff only), particularly about password hygiene
- reporting phishing emails as they may otherwise expose the department’s system to viruses and other damaging applications
- only using core and approved Administration Marketplace Panel for Schools (AMPS) applications to store student and staff data.
Most data breaches are caused by human error, such as sharing personal or confidential information to unauthorised parties.
All staff must report data breaches (or suspected data breaches) involving personal or confidential information immediately as described on Reporting and managing data breaches (staff only).
3. Manage hardware, software and devices
3.1 Purchase and manage hardware and devices
Principals and their delegates, such as teachers and administrative staff, are responsible for:
- managing, replacing and ensuring device security (refer below to Purchase hardware and devices)
- keeping records on assets and equipment purchased or given to the school (refer below to Keep records of devices and hardware in SAP)
- undertaking stocktakes of assets and equipment registered in SAP (refer below to Undertake stocktakes of assets and equipment)
- managing printers, digital devices and T4L managed devices.
Principals or delegates:
- select a device from the list of available Standard Devices for Schools (staff only)
- make a purchase order in EdBuy in compliance with department’s Procurement policy (staff only) (refer to the resource page for EdBuy [staff only] for support and training)
- consult with their Digital Field Services support team before purchasing any technology that is not on EdBuy to ensure compatibility with department systems
- ensure that major items of equipment, such as computers, are not purchased for resale to students
- if required, contact EDConnect (staff only) to request a warranty service
- contact the vendor to assess accidental damage and receive a quote
- where schools wish to purchase hardware or devices that are not available under existing contracts (refer to Our contract arrangements [staff only]) and are not on EdBuy, schools must complete an Alternate Suppy Request form (staff only) (DOCX 16 KB) through EDConnect
- arrange a redistribution of any unused department-allocated devices for students in need by emailing it.icr@det.nsw.edu.au.
Teachers and administrative staff are responsible for recording and storing data, such as make, model and serial numbers of devices.
Principals and delegates must:
- update the equipment register immediately when purchasing or receiving equipment
- record the value and acquisition date for each item in the register
- clearly mark assets and equipment as property of the school by attaching a barcode showing the register ID, before an item is distributed for use in the school
- authorise and record any loans of equipment in the register. The record needs to show the signature of the borrower and the principal.
Refer to section 6. Assets and equipment of the Financial management (schools) procedures (staff only) for the mandatory requirements covering recordkeeping of assets and equipment.
Principals and delegates must:
- immediately disconnect from the network, decommission and dispose of assets and equipment that no longer receive software or firmware updates from vendors or original equipment manufacturers
- maintain support contracts for assets and equipment where those contracts are required to receive software or firmware updates.
Each year, EDConnect will direct all schools that have assets registered in SAP, to perform an asset stocktake and provide the results to EDConnect.
Every 2 years, principals and delegates are required to complete a stocktake of equipment. Refer to the Perform an equipment stocktake – QRG (staff only) for step-by-step instructions.
| Action | Direction | Resources |
|---|---|---|
| Set up and manage printers | Principals and delegates should:
| Refer to the set up guide: Printer management (staff only) for detailed instructions. |
| Set up NSW Department of Education supported devices | Principals and delegates should:
| Refer to the set up guides on Technology for Learning Device management resources. |
3.2 Recycle and dispose of devices and hardware
Principals are required to:
- be environmentally responsible when recycling devices
- keep records of disposed or deactivated equipment, as well as ensuring memory and data is correctly wiped.
Configuration and storage must be securely wiped prior to disposal. Principals should consult with their Digital Field Services support team for assistance with this process.
Disposing of equipment and deactivating assets
The department has a dedicated eWaste contract in place to manage the secure disposal of department digital assets. Schools can access this service through Contact EDConnect (staff only) to request an eWaste collection.
For further information, refer to:
- disposing and deactivating assets and equipment section in the Financial management (schools) procedures (staff only)
- Cyber safety (staff only).
3.3 Purchase and manage software
Schools can use the following core department-provided applications for students, without needing parental consent, including:
- Microsoft 365
- Google Workspace
- Adobe Creative Cloud.
Student use of all other online applications requires explicit parental consent for each such online application. This includes approved applications listed on the Online Learning Tools Marketplace catalogue (staff only) and AssessedIT.
Staff and students may access core or approved applications and software, to use on various devices and locations, including when working at home.
Parental consent is required for students to use all applications that are not department-provided. Refer to:
- Cyber safety's Online software applications and parental consent (staff only) for guidance on which applications need consent and how to seek consent
- the Cyber security policy and procedures for guidance on managing student data in online applications.
Schools should not use software or devices that have failed a security assessment. Principals are accountable for the risks and issues that arise from using such software or devices.
To help decide whether to engage third-party IT providers, principals can use the decision tree tool, Working with third party providers of information technology (staff only) (PDF 476 KB).
Principals, delegates and staff should consult with their local Digital Field Services team before making any purchases. Software and web platforms not in the core or approved application list are not guaranteed to work with department systems.
Only department-approved deployment and management tools may be used when installing software on school devices. Unapproved installation or packaging tools must not be used, as they may bypass required cyber safety assessments.
3.4 Manage Wi-Fi, internet and device connection
The department’s Wi-Fi network requires a username and password to connect:
- Each staff member or student must use their own user account credentials to join an individually allocated device or personal device to the DETNSW Wi-Fi network.
- Each school has a Wi-Fi service account that may be used for kiosk and shared devices only.
- Principals and delegates can obtain the Wi-Fi service account username and password from EDConnect.
- Human account credentials must never be saved onto shared devices.
3.5 NAPLAN online assessment technical requirement
The national assessment platform used for the NAPLAN assessments can only be accessed using a locked down browser. It is available for Windows, Mac, iPads and Chromebooks.
Principals ensure:
- all test devices being used for NAPLAN online meet device requirements provided by Australian Curriculum, Assessment and Reporting Authority (ACARA).
- for schools sitting NAPLAN assessments online, have most of their compatible managed devices automatically installed with the latest version of the locked down browser
- devices are ready for the locked down browser as per requirements provided on Technology for Learning.
4. Manage school use of student administration platforms
Schools use Administration Marketplace Panel for Schools (AMPS) products for core student management and administration tasks, so accurate data entry, staff with appropriate training, and well-maintained school-managed configurations (for example, local templates) are essential to ensure compliance and avoid operational issues.
For more information, refer to Administration Marketplace Panel for Schools (staff only).
Principals or delegates:
- when transitioning to a new Administration Marketplace Panel for Schools (AMPS) supplier, ensure all data is successfully transferred to the new provider. If certain data cannot be transferred, securely retain an extract in a safe storage location
- ensure all relevant staff receive adequate and appropriate training in the use of AMPS solutions.
Principals, teachers, school administrative and support staff:
- access data stored in student administration platforms only for the purpose of carrying out the duties of their roles
- ensure all data entered into AMPS-supported products is accurate, complete, and regularly updated
- use the system in accordance with department-approved policies and procedures and policies (for example, finance, student wellbeing and attendance) to maintain consistency and compliance
- update school-managed templates within AMPS supplier systems (such as reports, letters and notifications) whenever policies or data requirements change.
Supporting tools, resources and related information
- Procurement policy (staff only)
- Digital devices and online services for students policy
- Digital devices, services and information – staff use
- Cyber security policy
- Social media policy
- Student behaviour policy
- Disability Standards for Education 2005 (Cth)
- Financial management (schools) procedures (staff only)
Policy contact
Corro.ITDCIO@det.nsw.edu.au
The Chief Information Officer monitors the implementation of this procedure, regularly reviews its contents to ensure relevance and accuracy, and updates it as needed.