Kenneth C. Laudon,Jane P. Laudon Management Information System 12th Edition pdf

defines acceptable uses of

the firm’s information resources and computing equipment, including desktop

and laptop computers, wireless devices, telephones, and the Internet. The policy

should clarify company policy regarding privacy, user responsibility, and per-

sonal use of company equipment and networks. A good AUP defines unaccept-

able and acceptable actions for every user and specifies consequences for non-

compliance. For example, security policy at Unilever, the giant multinational

consumer goods company, requires every employee equipped with a laptop or

mobile handheld device to use a company-specified device and employ a pass-

word or other method of identification when logging onto the corporate network. 

Security policy also includes provisions for identity management.