A security administrator is revising the organization's documentation so employees clearly understand what they can and cannot do when connecting to the corporate network, using company email, and browsing the Internet from company devices. Which type of document should the administrator create or update to define these constraints?
A document that delineates acceptable and unacceptable behavior for organizational system and network use is called an Acceptable Use Policy. This policy sets clear expectations for employees, reduces security and legal risks, and supports enforcement actions. Information security policies form a broader framework of controls, guidelines are advisory recommendations, and technical standards specify mandatory technical requirements.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is an Acceptable Use Policy important for an organization?
Open an interactive chat with Bash
How does an Acceptable Use Policy differ from Information Security Policies?
Open an interactive chat with Bash
What role do guidelines and standards play alongside an Acceptable Use Policy?