Acceptable Use Policy

Introduction
Employees and third-parties who use company equipment or information systems should be made aware of acceptable use.

Objective
To ensure the company’s information and information systems are being used responsibly.

Scope
This policy applies to all users of the company’s information systems and equipment.

Policy

• Use is restricted to authorised individuals only and in accordance with the company’s information security policies.
• Use is for legitimate business purposes in compliance with relevant legal and contractual requirements.
• Use is limited to information and information systems required to fulfil your role and responsibilities.
• Use may be monitored and logged for suspicious activity and forensic investigation.
• All data must be stored on the company’s file-servers and/or databases.
• Company equipment may only be taken offsite with authorisation.
• Company equipment and data must be adequately protected at all times.
• All company equipment and data must be returned on termination.

Guidelines

• Do not open unexpected emails, attachments or suspicious links.
• Do not visit unknown websites or click on advertising links.

References
Information security policy
Key security instructions
Data protection policy