The primary function of an Acceptable Use Policy (AUP) is to outline acceptable behaviors for users of company IT resources. It details what users are permitted to do and what is prohibited while using corporate systems and services. Sanctions for violations are often included within the AUP or in a separate disciplinary policy, but the main focus is on user behavior guidelines rather than the consequences of violations.