Sample Acceptable IT Use Policy

This document outlines your responsibilities in using and protecting the information held by [COMPANY NAME]and the IT systems used to provide services.

  1. When using our IT systems at any time in the workplace, or outside the workplace on devices supplied by us,you must not access, save, copy, show or print inappropriate, objectionable or illegal material.
  2. Our IT systems must not be used to deliberately facilitate any illegal or inappropriate workplace behaviour. This includes electronic communication that could cause offence to others, harass or harm them, or put them at potential risk.
  3. If you want to use your personal device (smartphone, tablet) to access company information then this must be approved by management and your device may need to be configured in order to protect company data (for example the ability to remotely wipe company email if you lose your phone).
  4. If you have been supplied with a company device or you are using your own device to access company information, you must protect the device with a pin code.
  5. You will be provided with a username and password for the IT system. You must take care to choose a password that will be hard for others to guess. Don’t use a password you use at home, or for any other application or website. You must keep your password confidential, and not share it with anyone else.
  6. If we have implemented a password manager, you must use that to create and store strong passwords for company applications and websites.
  7. Don’t allow other people to access the IT systems using your account, unless this has been authorised.
  8. All IT equipment or devices should be cared for in a responsible manner. Any damage, loss or theft of IT equipment or devices must be reported immediately to your manager.
  9. You must not download/install software or connect hardware (such as usb keys or drives) onto company devices without prior authorisation.
  10. Software licensing and copyright laws must be respected. We do not allow the use of pirated software.
  11. When sending confidential or sensitive information you must verify that the contact details you have are correct.
  12. You must not bring the company name into disrepute on any website or social media platform.

I have read and am aware of the obligations and responsibilities outlined in this policy. I understand them, and I agree to follow them.

I also understand that apparent breaches of this agreement will be investigated, and could result in disciplinary action.

Name:Date:

Signature: