Why Do You Need an Acceptable Use Policy?
Master of Business and Technology IT Report
See Also: Acceptable Usage Policy Discussion Board
April 8, 2003
In the Art of War, Sun Tzu explained to military leaders that “all warfare is based on deception” (Clavell 1983 p11). Then, lines of information flow were few and slow. Leaders could in fact masterfully orchestrate communication to either deceive the enemy or facilitate internal command. Coming forward 2500 years however, we find that the lines of information flow are fast and furious, and have now been disseminated through our organization.
This is the changing face of information systems today, and CIOs need to deal with the sensitivity of information made available, or unwittingly made available, to parties outside their organizations. For this, the CIO should create the corporation’s Acceptable Use Policy guided by holistic Information Systems strategy.
The acceptable use policy legally binds the usage of systems as indicated by its documentation, and seeks to govern those individuals who might have little discipline or understanding in dealing with the nuances of the ever-intensifying knowledge economy.
Caught between the anxiety caused by legal risks of policy non-compliance and for the need to allow employees flexibility to use the system, it is often difficult to know how much an organization can afford to tighten its screws. This Acceptable Usage report attempts to look at some of the greater issues that the policy document deals with in order to provide guidance for managers needing to create or review existing policies.
This document is an Acceptable Usage Policy report written for a Master's level course GBAT 9115 titled 'Information Technology for Managers offered in the Master's of Business and Technology Program by University of New South Wales. The document explores generally accepted Acceptable Use Policies and uses this framework to look through a commercially created Acceptable Use Policy.