Download to read offline
Uploaded byDilum Bandara
Acceptable Use Policy Making
This document discusses the process of developing an Acceptable Use Policy (AUP) for organizational IT resources. It explains that AUPs aim to define what use of resources is acceptable versus not, as the lines have blurred with BYOD and personal use of work devices. The development process involves establishing a team, researching current resource use, drafting the policy content covering purposes and restrictions, circulating the draft for feedback, approval, communication, implementation with monitoring, and periodic review/revision. An AUP is important to ensure compliance by outlining appropriate and inappropriate uses of computers, networks and systems.
More Related Content
Similar to Acceptable Use Policy Making
![TOR Code of cunduct & misuse of computing[1].pptx](https://cdn.slidesharecdn.com/ss_thumbnails/torcodeofcunductmisuseofcomputing1-240707093743-28a2c05d-thumbnail.jpg?width=640&height=640&fit=bounds)
More from Dilum Bandara
![Support, Monitoring, Continuous Improvement & Scaling Agentic Automation [3/3]](https://cdn.slidesharecdn.com/ss_thumbnails/agenticcommunityseries-day3-cfd-251120170304-ddef8112-thumbnail.jpg?width=640&height=640&fit=bounds)
Acceptable Use Policy Making
- 1. ACCEPTABLE USE POLICYMAKING CS5102 IT POLICY AND PLANNING DILUM BANDARA, PHD
- 2. Clear Ownership, butBlurred Use Organizational IT resources should be used only for the purposes that they are provided for Increasingly organizations are allowing users to use cooperate resources for personal use & vice versa COPE vs. BYOD What is acceptable & what’s not are getting blurred Organizations should have the right to inspect all data stored on or communicated via organizational resources without invading privacy of users 2
- 3. Acceptable Use Policy(AUP) Defines what’s acceptable & what’s not States the purpose why resources are provided It sets guidelines as to how computers, network, website, or system may be used It restrict the ways in which those resources may be used Defines the consequences of violating the rules of conduct Ensure compliance 3
- 4. Process Initiate &Establish Structure Review & Research Preparation of Draft Policy Circulation & Consultation Ratification & Communication Implementation Monitoring Review, Evaluation & Revision 4 Source: www.webwise.ie/teachers/acceptable-use-policy/how-to- develop-an-acceptable-use-policy-2/
- 5. Initiate & EstablishStructure Define the teams who are responsible for preparation of AUP & approval of it Define policy scope Typically developed under the IT Council Approved by IT Advisory Board and/or CIO Board 5
- 6. Review & Research Develop an inventory of computers, network, websites, or systems may be used Consider both in-house & outside resources that users have access to Laptops, tablets, smartphones, Wi-Fi, e-Mail, Voice mail, Enterprise social networking platforms, cooperate accounts Identify types personal devices & resources they access/connect Determine pros & cons of covering these in AUP or a separate policy such as BYOD 6
- 7. Draft Policy Content Establish purposes for providing resources Define resources covered under AUP Define what is non-business use State the right to inspect & monitor State what is monitored, how, & under what circumstances State restrictions on solicitation State relevant laws & consequences of violation Contact information for clarifications & feedback 7
- 8. Process (Cont.) Circulation& Consultation Share with stakeholders Solicit feedback Ratification & Communication Revise AUP Obtain approval Then communicate to all stakeholders Implementation Phased enforcement Monitoring Regular (automated) checks Identify any overlooked issues Review, Evaluation & Revision Evolve as technology & use evolve Cover missing pieces 8
Editor's Notes
- #8 Restrictions on solicitation – No political campaigns, fund raising