IT-11 Acceptable Use

Estimated reading: 1 minute 1608 views

What is IT-11 Acceptable Use Control?

An acceptable use policy communicates the set of rules to be followed by an organization’s employees.

Available tools in the marketplace

No tool recommendation is made for this section

Available templates

TrustCloud has a curated list of templates, internally or externally sourced, to help you get started. Click on the link for a downloadable version.

Control implementation

NOTE: This control is 100% automated by TrustCloud. Upload your policy or leverage TrustCloud’s built-in policy to enjoy the benefits of automation.

To implement this control manually,

Define a policy with the following components:

  • a definition section
  • a policy statement
  • an acceptable uses section
  • an unacceptable use section
  • a violations and sanctions section

What evidence do auditors look for?

Most auditors, at a minimum, are looking for the below-suggested action:

  1. Provide the most up-to-date acceptable use policy.

Evidence example

For the suggested action, an example is provided below:
The following screenshot shows TrustCloud’s “Acceptable Use Policy” out of the box.
IT 11 Acceptable Use 01

Join the conversation