
180 ◾ The Security Risk Assessment Handbook
© 2011 by Taylor & Francis Group, LLC
Table6.7 Acceptable-Use Policy Expected Elements (Continued)
Policy Area Expected Elements
Encryption software Use of encryption software
Export restrictions
Miscellaneous Attorney-client communications
Standard footers
Large file transfers
Retention policy
Policy scope Compliance with applicable laws and licenses
No additional rights
Other policies and guidelines
Amendments and revisions
Employee signature Name, signature, date
Note: The acceptable-use policy is intended for all network users and should
cover network use, software use, and e-mail use.
Table6.8 System Dev ...