[{"data":1,"prerenderedAt":498},["ShallowReactive",2],{"document-computer-use-policy-D705":3},{"document":4,"label":23,"preview":11,"thumb":24,"thumb600":25,"description":5,"descriptionCustom":6,"apiDescription":5,"pages":8,"extension":10,"parents":26,"breadcrumb":30,"related":38,"customDescModule":174,"customdescription":6,"mdFm":175,"mdProseHtml":497},{"description":5,"descriptionCustom":6,"label":7,"pages":8,"size":9,"extension":10,"preview":11,"thumb":12,"svgFrame":13,"seoMetadata":14,"parents":15,"keywords":22},"TECHNOLOGY RESOURCES USE POLICY Policy restricting personal use of employer's computers and systems PURPOSE To remain competitive, better serve our customers and provide our employees with the best tools to do their jobs, [YOUR COMPANY NAME] (\"the Company\") makes available to our workforce access to one or more forms of electronic media and services, including but not limited to: computers, software, printers, copiers, files, databases, cellular phone, pager, email, telephones, voicemail, fax machines, external electronic bulletin boards, wire services, online services, intranet, Internet and the World Wide Web. [YOUR COMPANY NAME] encourages the use of these media and associated services because they can make communication more efficient and effective and because they are valuable sources of information about vendors, customers, technology, and new products and services. However, all employees and everyone connected with the organization should remember that electronic media and services provided by the company are company property and their purpose is to facilitate and support company business. All computer users have the responsibility to use these resources in a professional, ethical, and lawful manner. To ensure that all employees are responsible, the following guidelines have been established for using email and the Internet. No policy can lay down rules to cover every possible situation. Instead, it is designed to express [YOUR COMPANY NAME] philosophy and set forth general principles when using electronic media and services. Authorization Access to the [YOUR COMPANY NAME] technology resources is within the sole discretion of the Company. Generally, employees are given access to the Company's various technologies based onf their job functions. Only employees whose job performance will benefit from the use of the Company's technology resources will be given access to the necessary technology. Additionally, employees must successfully complete company-approved training before being given access to the [YOUR COMPANY NAME] technology resources. PROHIBITED COMMUNICATIONS Electronic media cannot be used for knowingly copying, transmitting, retrieving, or storing any communication that is: Discriminatory or harassing; Derogatory to any individual or group; Obscene, sexually explicit, pornographic, defamatory or threatening; In violation of any license governing the use of software; Engaged in for any purpose that is illegal or contrary to [YOUR COMPANY NAME] policy or in a manner contrary to the best interests of the Company, in any way that discloses confidential or proprietary information of the Company or third parties, or for personal or pecuniary gain; or Protected by copyrights laws unless the employee has the author's permission or is accessing a single copy only for the employee's reference. PROFESSIONAL CONSIDERATIONS It is important to maintain a proper spirit and tone to your communications over the system. The following guidelines are suggested: Make your communications positive, constructive, complete, factual. Don't write when angry and edit before sending. Be careful with humor - they can't see you wink. Always avoid sarcastic humor. Never use all caps - that is perceived as \"SHOUTING!\" Avoid belaboring disagreements in email - there is a time for face-to-face meetings. Always guide your recipient in responding by stating what you need and by when. Pay attention to grammar and spelling, both to protect your own reputation and intelligence, and to avoid irritating your recipients who are distracted by careless mistakes. PERSONAL USE The computers, electronic media and services provided by [YOUR COMPANY NAME] are primarily for business use to assist employees in the performance of their jobs. As long as personal use does not interfere with the employee's duties, is not done for pecuniary gain, does not conflict with the Company's business, and does not violate any Company policy, occasional, or incidental use of electronic media (sending or receiving) for personal, non-business purposes is understandable and acceptable, and all such use should be done in a manner that does not negatively affect the systems' use for their business purposes. However, employees are expected to demonstrate a sense of responsibility and not abuse this privilege. The Company assumes no liability for loss, damage, destruction, alteration, disclosure, or misuse of any personal data or communications transmitted over or stored on the Company's technology resources. The Company accepts no responsibility or liability for the loss or nondelivery of any personal electronic mail or voicemail communications or any personal data stored on any Company property. The Company strongly discourages employees from storing any personal data on any of the Company's technology resources. ACCESS TO EMPLOYEE COMMUNICATIONS Generally, electronic information created and/or communicated by an employee using email, word processing, utility programs, spreadsheets, voicemail, telephones, Internet and bulletin board system access, and similar electronic media is not reviewed by the company. However, the following conditions should be noted: [YOUR COMPANY NAME] does routinely gather logs for most electronic activities or monitor employee communications directly, be it: Telephone Use and Voicemail: Records are kept of all calls made from and to a given telephone extension. Although voicemail is password protected, an authorized administrator can reset the password and listen to voicemail messages. Electronic Mail: Electronic mail is backedup and archived. Although electronic mail is password protected, an authorized administrator can reset the password and read electronic mail. Desktop Facsimile Use: Copies of all facsimile transmissions sent and received are maintained in the facsimile server. Document Use: Each document stored on Company computers has a history, which shows which users have accessed the document for any purpose. Internet Use: Internet sites visited, the number of times visited, and the total time connected to each site is recorded and periodically monitored. [YOUR COMPANY NAME] reserves the right, at its discretion and without notice, to review any employee's electronic files and messages to the extent necessary to ensure electronic media and services are being used in compliance with the law, this policy and other company policies, or to investigate misconduct, to locate information, or for any other business purpose. Employees should understand, therefore, that they have no right of privacy with respect to any messages or information created or maintained on the Company's technology resources, including personal information or messages. Accordingly, if they have sensitive information to transmit, they should use other means. All messages sent and received, including personal messages, and all data and information stored on the Company's electronicmail system, voicemail system, or computer systems are Company property regardless of the content. As such, the Company reserves the right to access all of its technology resources including its computers, voicemail, and electronicmail systems, at any time, in its sole discretion. Passwords do not confer any right of privacy upon any employee of the Company. Employees are expected to maintain their passwords as confidential. Employees must not share passwords and must not access coworkers' systems without express authorization.",null,"Computer Use Policy","6",81,"doc","https://templates.business-in-a-box.com/imgs/1000px/computer-use-policy-D705.png","https://templates.business-in-a-box.com/imgs/250px/705.png","https://templates.business-in-a-box.com/svgs/docviewerWebApp1.html?v6#705.xml",{"title":6,"description":6},[16,19],{"label":17,"url":18},"Human Resources","/templates/human-resources/",{"label":20,"url":21},"Company Policies","/templates/company-policies/","computer use policy","Computer Use Policy Template","https://templates.business-in-a-box.com/imgs/400px/705.png","https://templates.business-in-a-box.com/imgs/600px/705.png",[27,16,19],{"label":28,"url":29},"Templates","/templates/",[31,32,35],{"label":28,"url":29},{"label":33,"url":34},"Software & Technology","/templates/software-technology/",{"label":36,"url":37},"Cybersecurity Policies","/templates/cybersecurity-policies/",[39,43,47,51,55,59,63,67,71,75,79,83,87,103,117,131,148,161],{"label":40,"url":41,"thumb":42,"extension":10},"Acceptable Use Policy","/template/acceptable-use-policy-D12622","https://templates.business-in-a-box.com/imgs/250px/12622.png",{"label":44,"url":45,"thumb":46,"extension":10},"AI Acceptable Use Policy","/template/ai-acceptable-use-policy-D13900","https://templates.business-in-a-box.com/imgs/250px/13900.png",{"label":48,"url":49,"thumb":50,"extension":10},"IT Acceptable Use Policy","/template/it-acceptable-use-policy-D13720","https://templates.business-in-a-box.com/imgs/250px/13720.png",{"label":52,"url":53,"thumb":54,"extension":10},"Corporate Social Media Use Policy","/template/corporate-social-media-use-policy-D13636","https://templates.business-in-a-box.com/imgs/250px/13636.png",{"label":56,"url":57,"thumb":58,"extension":10},"Term Of Use","/template/term-of-use-D12706","https://templates.business-in-a-box.com/imgs/250px/12706.png",{"label":60,"url":61,"thumb":62,"extension":10},"Computer Lease Agreement","/template/computer-lease-agreement-D1138","https://templates.business-in-a-box.com/imgs/250px/1138.png",{"label":64,"url":65,"thumb":66,"extension":10},"Business Use Case","/template/business-use-case-D13509","https://templates.business-in-a-box.com/imgs/250px/13509.png",{"label":68,"url":69,"thumb":70,"extension":10},"Equipment Use Agreement","/template/equipment-use-agreement-D12844","https://templates.business-in-a-box.com/imgs/250px/12844.png",{"label":72,"url":73,"thumb":74,"extension":10},"License to Use Agreement","/template/license-to-use-agreement-D1149","https://templates.business-in-a-box.com/imgs/250px/1149.png",{"label":76,"url":77,"thumb":78,"extension":10},"Vehicle Use Agreement","/template/vehicle-use-agreement-D13798","https://templates.business-in-a-box.com/imgs/250px/13798.png",{"label":80,"url":81,"thumb":82,"extension":10},"Computer Science Code Of Ethics","/template/computer-science-code-of-ethics-D13932","https://templates.business-in-a-box.com/imgs/250px/13932.png",{"label":84,"url":85,"thumb":86,"extension":10},"Computer Technician Job Description","/template/computer-technician-job-description-D11637","https://templates.business-in-a-box.com/imgs/250px/11637.png",{"description":88,"descriptionCustom":6,"label":89,"pages":90,"size":91,"extension":10,"preview":92,"thumb":93,"svgFrame":94,"seoMetadata":95,"parents":96,"keywords":101,"url":102},"Employee Handbook Understanding employment at [YOUR COMPANY NAME] Revised on [DATE] Prepared By: [YOUR NAME] [YOUR JOB TITLE] Phone 555.555.5555 Email info@yourbusiness.com www.yourbusiness.com Table of Content Table of Content 2 Welcome to [YOUR COMPANY NAME]! 5 1. Organization Description 6 1.1 Introductory Statement 6 1.2 Customer Relations 6 1.3 Products and Services Provided 7 1.4 Facilities and Location(s) 7 1.5 The History of [YOUR COMPANY NAME] 7 1.6 Management Philosophy 7 1.7 Goals 8 2. The Employment 9 2.1 Nature of Employment 9 2.2 Employee Relations 9 2.3 Equal Employment Opportunity 10 2.4 Diversity 10 2.5 Business Ethics and Conduct 12 2.6 Personal Relationships in the Workplace 13 2.7 Conflicts of Interest 13 2.8 Outside Employment 14 2.9 Non-Disclosure 15 2.10 Disability Accommodation 16 2.11 Job Posting and Employee Referrals 17 2.12 Whistleblower Policy 18 2.13 Accident and First Aid 20 3. Employment Status and Records 21 3.1 Employment Categories 21 3.2 Access to Personnel Files 22 3.3 Personnel Data Changes 23 3.4 Probation Period 23 3.5 Employment Applications 24 3.6 Performance Evaluation 24 3.7 Job Descriptions 25 3.8 Salary Administration 25 3.9 Professional Development 26 4. Employee Benefit Programs 27 4.1 Employee Benefits 27 4.2 Vacation Benefits 27 4.3 Military Service Leave 29 4.4 Religious Observance 29 4.5 Holidays 29 4.6 Workers Insurance 30 4.7 Sick Leave Benefits 31 4.8 Bereavement Leave 32 4.9 Relocation Benefits 33 4.10 Educational Assistance 33 4.11 Health Insurance 34 4.12 Life Insurance 35 4.13 Long Term Disability 35 4.14 Marriage, Maternity and Parental Leave 36 5. Timekeeping / Payroll 40 5.1 Timekeeping 40 5.2 Paydays 40 5.3 Employment Termination 41 5.4 Administrative Pay Corrections 42 6. Work Conditions and Hours 43 6.1 Work Schedules 43 6.2 Absences 43 6.3 Jury Duty 45 6.4 Use of Phone and Mail Systems 45 6.5 Smoking 46 6.6 Meal Periods 46 6.7 Overtime 46 6.8 Use of Equipment 47 6.9 Telecommuting 47 6.10 Emergency Closing 48 6.11 Business Travel Expenses 49 6.12 Visitors in the Workplace 51 6.13 Computer and Email Usage 51 6.14 Internet Usage 52 6.15 Workplace Monitoring 54 6.16 Workplace Violence Prevention 55 7. Employee Conduct & Disciplinary Action 57 7.1 Employee Conduct and Work Rules 57 7.2 Sexual and Other Unlawful Harassment 58 7.3 Attendance and Punctuality 60 7.4 Personal Appearance 60 7.5 Return of Property 61 7.6 Resignation and Retirement 61 7.7 Security Inspections 62 7.8 Progressive Discipline 62 7.9 Problem Resolution 64 7.10 Workplace Etiquette 65 7.11 Suggestion Program 67 Acknowledgement of Receipt 68 Welcome to [YOUR COMPANY NAME]! On behalf of your colleagues, we welcome you to [YOUR COMPANY NAME] and wish you every success here. At [YOUR COMPANY NAME], we believe that each employee contributes directly to the growth and success of the company, and we hope you will take pride in being a member of our team. This handbook was developed to describe some of the expectations of our employees and to outline the policies, programs, and benefits available to eligible employees. Employees should become familiar with the contents of the employee handbook as soon as possible, for it will answer many questions about employment with [YOUR COMPANY NAME]. We believe that professional relationships are easier when all employees are aware of the culture and values of the organization. This guide will help you to better understand our vision for the future of our business and the challenges that are ahead. We hope that your experience here will be challenging, enjoyable, and rewarding. Again, welcome! [PRESIDENT NAME] President & CEO 1. Organization Description 1.1 Introductory Statement This handbook is designed to acquaint you with [YOUR COMPANY NAME] and provide you with information about working conditions, employee benefits, and some of the policies affecting your employment. You should read, understand, and comply with all provisions of the handbook. It describes many of your responsibilities as an employee and outlines the programs developed by [YOUR COMPANY NAME] to benefit employees. One of our objectives is to provide a work environment that is conducive to both personal and professional growth. No employee handbook can anticipate every circumstance or question about policy. As [YOUR COMPANY NAME] continues to grow, the need may arise and [YOUR COMPANY NAME] reserves the right to revise, supplement, or rescind any policies or portion of the handbook from time to time as it deems appropriate, in its sole and absolute discretion. Employees will be notified of such changes to the handbook as they occur. 1.2 Customer Relations Customers are among our organization's most valuable assets. Every employee represents [YOUR COMPANY NAME] to our customers and the public. The way we do our jobs presents an image of our entire organization. Customers judge all of us by how they are treated with each employee contact. Therefore, one of our first business priorities is to assist any customer or potential customer. Nothing is more important than being courteous, friendly, helpful, and prompt in the attention you give to customers. [YOUR COMPANY NAME] will provide customer relations and services training to all employees with extensive customer contact. Customers who wish to lodge specific comments or complaints should be directed to the [TITLE AND NAME OF THE PERSON RESPONSIBLE] for appropriate action. Our personal contact with the public, our manners on the telephone, and the communications we send to customers are a reflection not only of ourselves, but also of the professionalism of [YOUR COMPANY NAME]. Positive customer relations not only enhance the public's perception or image of [YOUR COMPANY NAME], but also pay off in greater customer loyalty and increased sales and profit. 1.3 Products and Services Provided You will find more information about our products and services by reading the [YOUR COMPANY NAME] Corporate Brochures. 1.4 Facilities and Location(s) Head Office: [ADDRESS] [CITY], [STATE] [ZIP/POSTAL CODE] [COUNTRY] 1.5 The History of [YOUR COMPANY NAME] [DESCRIBE THE HISTORY OF YOUR COMPANY HERE] 1.6 Management Philosophy [YOUR COMPANY NAME] management philosophy is based on responsibility and mutual respect. Our wishes are to maintain a work environment that fosters on personal and professional growth for all employees. Maintaining such an environment is the responsibility of every staff person. Because of their role, managers and supervisors have the additional responsibility to lead in a manner which fosters an environment of respect for each person. People who come to [YOUR COMPANY NAME] want to work here because we have created an environment that encourages creativity and achievement. [YOUR COMPANY NAME] aims to become a leader in [DESCRIBE YOUR COMPANY'S FIELD OF EXPERTISE]. The mainstay of our strategy will be to offer a level of client focus that is superior to that offered by our competitors. To help achieve this objective, [YOUR COMPANY NAME] seeks to attract highly motivated individuals that want to work as a team and share in the commitment, responsibility, risk taking, and discipline required to achieve our vision. Part of attracting these special individuals will be to build a culture that promotes both uniqueness and a bias for action. While we will be realistic in setting goals and expectations, [YOUR COMPANY NAME] will also be aggressive in reaching its objectives. This success will in turn enable [YOUR COMPANY NAME] to give its employees above average compensation and innovative benefits or rewards, key elements in helping us maintain our leadership position in the worldwide marketplace. 1.7 Goals [DESCRIBE YOUR COMPANY'S GOALS HERE] 2. The Employment 2","Employee Handbook","34",280,"https://templates.business-in-a-box.com/imgs/1000px/employee-handbook-D712.png","https://templates.business-in-a-box.com/imgs/250px/712.png","https://templates.business-in-a-box.com/svgs/docviewerWebApp1.html?v6#712.xml",{"title":6,"description":6},[97,99],{"label":17,"url":98},"human-resources",{"label":20,"url":100},"company-policies","employee handbook","/template/employee-handbook-D712",{"description":104,"descriptionCustom":6,"label":105,"pages":106,"size":107,"extension":10,"preview":108,"thumb":109,"svgFrame":110,"seoMetadata":111,"parents":113,"keywords":112,"url":116},"SOCIAL MEDIA POLICY PURPOSE [COMPANY NAME] recognizes that technology provides unique opportunities to build our business, listen, learn and engage with consumers, stakeholders and employees through the use of a wide variety of Social Media. However, how we use social media and what we say also has the potential to affect [COMPANY NAME]'s reputation and/or expose the Company (and each of us) to business or legal risk. Whilst we recognize the benefits which may be gained from appropriate use of social media, it is also important to be aware that it poses significant risks to our business. These risks include disclosure of confidential information and intellectual property, damage to our reputation and the risk of legal claims. Therefore, every employee has a personal responsibility to be familiar with and comply with [COMPANY NAME]'s overall Social Media Policy. This policy is designed to reflect our purpose, values and principles, our business conduct manual, and legal requirements. Because we use social media in a variety of ways, there are more specific expectations that may apply to your activities. SCOPE This policy covers all forms of social media, including Facebook, Instagram, LinkedIn, Twitter, Google+ Wikipedia, other social networking sites, and other internet postings, including blogs. It applies to the use of social media for both business and personal purposes, during working hours and in your own time to the extent that it may affect the business of the company. The policy applies both when the social media is accessed using our information systems and also when access using equipment or software belonging to employees or others. It also covers all employees and also others including consultants, contractors, and casual and agency staff. Breach of this policy may result in disciplinary action up to and including dismissal. Any misuse of social media should be reported to [SPECIFY]. Questions regarding the content or application of this policy should be directed to [SPECIFY]]. POLICY STATEMENT Although many users may consider their personal comments posted on social media or discussions on social networking sites to be private, these communications are frequently available to a larger audience than the author may realize. As a result, any online communication that directly or indirectly refers to [COMPANY NAME], our products and services, team members or other work-related issues, has the potential to damage [COMPANY NAME]'s reputation or interests. When participating in social media in a personal capacity, employees must: Not disclose [COMPANY NAME]'s confidential information, proprietary or sensitive information. Information is considered confidential when it is not readily available to the public. The majority of information used throughout [COMPANY NAME] is confidential. If you are in doubt about whether information is confidential, refer to the [COMPANY NAME] [EMPLOYEE HANDBOOK/CODE OF CONDUCT] and/or ask your manager before disclosing any information. Not use the [COMPANY NAME] logo or company branding on any social media platform without prior approval from [SPECIFY]; Not communicate anything that might damage [COMPANY NAME]'s reputation, brand image, commercial interests, or the confidence of our customers; Not represent or communicate on behalf of [COMPANY NAME] in the public domain without prior approval from [SPECIFY]; Not post any material that would directly or indirectly defame, harass, discriminate against or bully any [COMPANY NAME] team member, supplier or customer; Ensure, when identifying themselves (or when they may be identified) as a [COMPANY NAME] team member, that their social media communications are lawful and Comply with [COMPANY NAME]'s policies and procedures RESPONSIBLE USE OF SOCIA MEDIA Employee must not use social media in a way that might breach any of our policies, any express or implied contractual obligations, legislation, or regulatory requirements. In particular, use of social media must comply with: The Anti-Bullying and Sexual Harassment Policies Rules of relevant regulatory bodies; Contractual confidentiality requirements;","Social Media Policy","4",513,"https://templates.business-in-a-box.com/imgs/1000px/social-media-policy-D12688.png","https://templates.business-in-a-box.com/imgs/250px/12688.png","https://templates.business-in-a-box.com/svgs/docviewerWebApp1.html?v6#12688.xml",{"title":112,"description":6},"social media policy",[114,115],{"label":17,"url":98},{"label":20,"url":100},"/template/social-media-policy-D12688",{"description":118,"descriptionCustom":6,"label":119,"pages":120,"size":107,"extension":10,"preview":121,"thumb":122,"svgFrame":123,"seoMetadata":124,"parents":126,"keywords":129,"url":130},"REMOTE WORK AGREEMENT This Remote Work Agreement (the \"Agreement\") is effective [DATE], BETWEEN: [NAME OF THE EMPLOYER], (the \"Employer\" or \"Company\"), a Company organized and existing under the laws of the [State/Province] of [STATE/PROVINCE], with its head office located at: [COMPLETE ADDRESS] AND: [NAME OF THE EMPLOYEE], (the \"Employee\"), an individual with their main address located at: [COMPLETE ADDRESS] Collectively, the Employer and the Employee shall be referred to as the \"Parties.\" WHEREAS, the Company has made an offer to the Employee to work remotely in the capacity of [JOB TITLE] at the Company; NOW THEREFORE in consideration and as a condition of the Parties entering into this Agreement and other valuable considerations, the receipt and sufficiency of which consideration is acknowledged, the Parties agree as follows: APPOINTMENT The Company hereby offers the Employee appointment, and the Employee agrees to serve the Company to work remotely in the capacity of [JOB TITLE] as of [DATE] (the \"Effective Date\"). PROBATION PERIOD The Employee will be on a Probation Period for a period of [MONTHS/DAYS]. The Employee's confirmation as a permanent employee is subject to the Employee making a positive contribution to the Company and is further subject to meeting certain standards and qualifying criteria during the Probation Period. PLACE OF WORK The Employee shall perform their duties at the location of their choice. The Employee will report to the [SPECIFY THE DESIGNATION] on a needs basis in the following manner: [SPECIFY THE MANNER OF COMMUNICATION]. REMOTE WORK While working remotely, the Employee will remain accessible during the remote work. The Employee will check in with the supervisor to discuss status and open issues and be available for video/teleconferences, scheduled on an as-needed basis. The Employee will take rest and meal breaks while working remotely in full compliance with all applicable policies or collective bargaining agreements, and request supervisor approval to use vacation or sick leave. To ensure that the Employee's performance will not suffer in a remote work arrangement, the Employee is advised to choose a quiet and distraction-free working space, have an internet connection that is adequate for their job and dedicate their full attention to their job duties during working hours. Equipment. The Company will provide the Employee with equipment that is essential to their job duties, like laptops and headsets. The Employee will install VPN and company-required software when the Employee receives their equipment. The Employee must keep their equipment password protected, follow all data encryption, protection standards and settings, and refrain from downloading suspicious, unauthorized or illegal software. NOTICE PERIOD During the Probation Period, if the Employee's performance is found to be unsatisfactory or if it does not meet the prescribed criteria, the Employee's employment can be terminated by the Company with [NUMBER OF DAYS] day's notice or salary thereof. The Employee will be required to give [NUMBER OF MONTHS] months' notice or salary thereof in case the Employee decides to leave the Company. DUTIES The Employee shall perform all such duties as may be delegated by the Company and comply with all such directions as the Managing Director and/or his/her nominated deputies may from time to time assign or give to the Employee. [SPECIFY DUTIES] WORKING HOURS The total working hours will be [SPECIFY HOURS] hours on Mondays to Saturdays. It is expected that the Employee will be flexible with the working hours and work such additional hours as might be necessary to efficiently perform duties under this Agreement. The Company reserves the right to change the working days and the working hours. The Employee shall be entitled to leave and holidays as per the Leave Policy of the Company. In the event the Employee is absent from work and unable to perform duties satisfactorily by reason of any injury, illness or other reason acceptable to the Company, the Employee will be entitled to receive salary and other benefits for up to [NUMBER OF DAYS] consecutive working days during any such absence, within a period of 12 consecutive months. REMUNERATION The Employee's starting total monthly gross salary and during the Probation Period will be as per details in the annexure, hereinafter known as Exhibit A. Any bonus is subject to review in accordance with the Company's practice and policies from time to time, however, there shall be no obligation on the Company to increase the salary or award bonuses at any point of time, save and except at its sole discretion. The Company shall pay or refund or procure to be paid or refunded all reasonable travelling and other similar out of pocket expenses necessarily and incurred by the Employee wholly in the proper performance of duties, subject to production by the Employee of such evidence of the expenses as the Company may reasonably require. The Employee will be required to fill in the claims forms in which the Employee shall provide the correct information of the expenses incurred. CONFIDENTIALITY AND INTELLECTUAL PROPERTY If at any time during the Employee's employment under this Agreement, the Employee participates in the making or discovery of any Intellectual Property directly or indirectly relating to or capable of being used by the Company, full details of the Intellectual Property shall immediately be disclosed in writing by the Employee to the Company and the Intellectual Property shall be the absolute property of the Company. At the request and expense of the Company, the Employee shall give and supply all such information, data, drawings, and assistance as may be necessary or in the opinion of the Company desirable to enable the Company to exploit the Intellectual Property to the best advantage as decided by the Company. The Employee shall execute all documents and do all things which may, in the opinion of the Company, be necessary or desirable for obtaining copyright, design or other protection for the Intellectual Property and for vesting the same in the Company, as the Company may direct. As Confidential Information will from time to time become known to the Employee, the Company considers and the Employee agrees that the restraints set forth in this Agreement are necessary for the reasonable protection by the Company of its business or the business of the Group, the clients thereof or their respective affairs. The Employee shall not at any time, either during the continuance of or after the termination of Employment with the Company, use, disclose or communicate to any person whatsoever any Confidential Information which the Employee has or of which he may have become possessed during employment with the Company nor shall he supply the names or addresses of any clients, customers, vendors or agents of the Company or any company of the Group to any person except as authorised by the Company or as ordered by a court of competent jurisdiction. The Employee consents to the Company holding and processing, both electronically and manually, the data it collects relating to the Employee in the course of employment, for the purpose of the Company's administration and management of its employees, its business and to comply with applicable procedures, laws and regulations. ","Remote Work Agreement","8","https://templates.business-in-a-box.com/imgs/1000px/remote-work-agreement-D13282.png","https://templates.business-in-a-box.com/imgs/250px/13282.png","https://templates.business-in-a-box.com/svgs/docviewerWebApp1.html?v6#13282.xml",{"title":125,"description":6},"remote work agreement",[127,128],{"label":17,"url":98},{"label":20,"url":100},"remote work policy","/template/remote-work-policy-D13282",{"description":132,"descriptionCustom":6,"label":133,"pages":134,"size":107,"extension":10,"preview":135,"thumb":136,"svgFrame":137,"seoMetadata":138,"parents":140,"keywords":139,"url":147},"NON-DISCLOSURE AGREEMENT (NDA) This Non-Disclosure Agreement (the \"Agreement\") is made and effective [DATE], BETWEEN: [YOUR COMPANY NAME] (the \"Disclosing Party\"), a corporation organized and existing under the laws of the [State/Province] of [STATE/PROVINCE], with its head office located at: [YOUR COMPLETE ADDRESS] AND: [RECEIVING PARTY NAME] (the \"Receiving Party\"), an individual with his main address located at OR a corporation organized and existing under the laws of the [State/Province] of [STATE/PROVINCE], with its head office located at: [COMPLETE ADDRESS] WHEREAS, Receiving Party has been or will be engaged in the performance of work on [DESCRIBE]; and in connection therewith will be given access to certain confidential and proprietary information; and WHEREAS, Receiving Party and Disclosing Party wish to evidence by this Agreement the manner in which said confidential and proprietary material will be treated. NOW, THEREFORE, it is agreed as follows: NON-DISCLOSURE OF CONFIDENTIAL INFORMATION Both Parties understand and agree that each Party may have access to the confidential information of the other party. For the purposes of this Agreement, \"Confidential Information\" means proprietary and confidential information about the Disclosing Party's (or it's suppliers') business or activities. Such information includes all business, financial, technical, and other information marked or designated by such Party as \"confidential\" or \"proprietary.\" Confidential Information also includes information which, by the nature of the circumstances surrounding the disclosure, ought in good faith to be treated as confidential. For the purposes of this Agreement, Confidential Information does not include: Information that is currently in the public domain or that enters the public domain after the signing of this Agreement. Information a Party lawfully receives from a third Party without restriction on disclosure and without breach of a non-disclosure obligation. Information that the Receiving Party knew prior to receiving any Confidential Information from the Disclosing Party. Information that the Receiving Party independently develops without reliance on any Confidential Information from the Disclosing Party. Each Party agrees that it will not disclose to any third Party or use any Confidential Information disclosed to it by the other Party except when expressly permitted in writing by the other Party. Each Party also agrees that it will take all reasonable measures to maintain the confidentiality of all Confidential Information of the other Party in its possession or control. TERM The term of this Agreement is [number] of [years/months] from the date of execution by both Parties. TITLE The Receiving Party agrees that all Confidential Information furnished by the Disclosing Party shall remain the sole property of the Disclosing Party. DISCLAIMER","Non Disclosure Agreement Nda","3","https://templates.business-in-a-box.com/imgs/1000px/non-disclosure-agreement-nda-D12692.png","https://templates.business-in-a-box.com/imgs/250px/12692.png","https://templates.business-in-a-box.com/svgs/docviewerWebApp1.html?v6#12692.xml",{"title":139,"description":6},"non disclosure agreement nda",[141,144],{"label":142,"url":143},"Legal Agreements","business-legal-agreements",{"label":145,"url":146},"Confidentiality Agreements","confidentiality-agreement","/template/non-disclosure-agreement-nda-D12692",{"description":149,"descriptionCustom":6,"label":150,"pages":151,"size":107,"extension":10,"preview":152,"thumb":153,"svgFrame":154,"seoMetadata":155,"parents":157,"keywords":156,"url":160},"DISCIPLINARY ACTION POLICY PURPOSE The purpose of this Disciplinary Action Policy is to establish a clear framework and guidelines for addressing employee misconduct, policy violations, and performance issues in a fair and consistent manner. This Policy aims to promote a positive work environment, ensure compliance with company policies, and provide opportunities for employee growth and improvement. SCOPE This Policy applies to all employees at [COMPANY NAME], including full-time, part-time, temporary, and contract workers. It covers a wide range of infractions, including but not limited to misconduct, violation of company policies, insubordination, unethical behavior, harassment, discrimination, poor performance, and any actions that may negatively impact the workplace or the organization's reputation. PRINCIPLES OF DISCIPLINARY ACTION Fairness: All disciplinary actions will be conducted in a fair and unbiased manner, providing employees with an opportunity to present their side of the story and defend themselves against allegations. Consistency: Disciplinary actions will be applied consistently throughout the organization, ensuring that similar infractions are treated similarly. Progressive Approach: Whenever possible, a progressive approach to discipline will be followed, with escalating consequences for repeated or severe infractions. However, the organization reserves the right to skip progressive steps in cases of serious misconduct. Confidentiality: Disciplinary matters will be treated with strict confidentiality, only shared with individuals who have a legitimate need to know, while maintaining compliance with applicable privacy laws. DISCIPLINARY PROCEDURES Investigation: Before initiating any disciplinary action, a thorough and impartial investigation will be conducted to gather facts and evidence regarding the alleged misconduct or performance issue. The investigation may involve interviews, document review, and any other relevant means of gathering information.","Disciplinary Action Policy","2","https://templates.business-in-a-box.com/imgs/1000px/disciplinary-action-policy-D13486.png","https://templates.business-in-a-box.com/imgs/250px/13486.png","https://templates.business-in-a-box.com/svgs/docviewerWebApp1.html?v6#13486.xml",{"title":156,"description":6},"disciplinary action policy",[158,159],{"label":17,"url":98},{"label":20,"url":100},"/template/disciplinary-action-policy-D13486",{"description":162,"descriptionCustom":6,"label":163,"pages":134,"size":107,"extension":10,"preview":164,"thumb":165,"svgFrame":166,"seoMetadata":167,"parents":169,"keywords":172,"url":173},"DATA BREACH RESPONSE & NOTIFICATION POLICY INTRODUCTION The Data Breach Response and Notification Policy of [COMPANY NAME] outlines the procedures and responsibilities for responding to data breaches and ensuring that affected individuals and regulatory authorities are promptly and accurately informed. This Policy is designed to minimize the impact of data breaches, protect sensitive information, and comply with applicable data protection laws and regulations. PURPOSE The purpose of this Policy is to: Establish a framework for detecting, assessing, and responding to data breaches. Define the process for notifying affected individuals, regulatory authorities, and other relevant parties. Ensure that data breaches are managed in a transparent, responsible, and compliant manner. DEFINITIONS Data Breach: The unauthorized access, acquisition, use, disclosure, or destruction of personal or sensitive information that compromises its security, confidentiality, or integrity. DATA BREACH RESPONSE TEAM [COMPANY NAME] will establish a Data Breach Response Team (DBRT) consisting of designated individuals responsible for managing data breaches. The DBRT may include representatives from IT, Legal, HR, and other relevant departments. DETECTION AND ASSESSMENT The DBRT will promptly investigate and assess suspected or confirmed data breaches to determine their scope, impact, and severity. The assessment will include identifying the type of data involved, the number of affected individuals, potential risks, and applicable data protection regulations. CONTAINMENT AND MITIGATION ","Data Breach Response and Notification Policy","https://templates.business-in-a-box.com/imgs/1000px/data-breach-response-and-notification-policy-D13650.png","https://templates.business-in-a-box.com/imgs/250px/13650.png","https://templates.business-in-a-box.com/svgs/docviewerWebApp1.html?v6#13650.xml",{"title":168,"description":6},"data breach response and notification policy",[170,171],{"label":17,"url":98},{"label":20,"url":100},"data breach response notification policy","/template/data-breach-response-and-notification-policy-D13650",false,{"seo":176,"reviewer":186,"legal_disclaimer":174,"quick_facts":190,"at_a_glance":192,"personas":196,"variants":221,"glossary":248,"sections":279,"how_to_fill":330,"common_mistakes":371,"faqs":396,"industries":424,"comparisons":449,"diy_vs_pro":461,"educational_modules":474,"related_template_ids_curated":477,"schema":484,"classification":486},{"meta_title":177,"meta_description":178,"primary_keyword":179,"secondary_keywords":180},"Computer Use Policy Template (Free Word)","Free computer use policy template for businesses. Covers acceptable use, security, privacy, and disciplinary procedures. Used in 190+ countries. Free Word and PDF download.","computer use policy template",[181,182,183,184,185],"computer use policy template word","employee computer use policy","computer acceptable use policy","workplace computer policy template","computer use policy free download",{"name":187,"credential":188,"reviewed_date":189},"Bruno Goulet","CEO, Business in a Box","2026-05-02",{"difficulty":191,"legal_review_recommended":174,"signature_required":174},"medium",{"what_it_is":193,"when_you_need_it":194,"whats_inside":195},"A Computer Use Policy is an internal business document that defines how employees may use company-owned computers, networks, software, and internet access — and what is expressly prohibited. This free Word download gives you a ready-to-edit policy you can tailor to your organization's systems and risk tolerance, then distribute to staff and store in your employee handbook.\n","Use it when onboarding new employees, updating an outdated IT policy, or after a security incident that revealed gaps in acceptable-use guidance. Any organization issuing devices or network access to staff needs a documented policy before problems arise, not after.\n","Purpose and scope, definitions of covered systems and users, acceptable and prohibited use rules, internet and email guidelines, data security requirements, monitoring and privacy disclosures, BYOD provisions, and disciplinary consequences for violations.\n",[197,201,205,209,213,217],{"title":198,"use_case":199,"icon_asset_id":200},"HR managers","Embedding device and internet use rules into the employee handbook at onboarding","persona-hr-manager",{"title":202,"use_case":203,"icon_asset_id":204},"IT managers","Formalizing acceptable-use rules to support security audits and incident response","persona-it-manager",{"title":206,"use_case":207,"icon_asset_id":208},"Small business owners","Establishing clear boundaries on employee computer use without a dedicated IT team","persona-small-business-owner",{"title":210,"use_case":211,"icon_asset_id":212},"Operations directors","Standardizing device and network use rules across multiple offices or remote teams","persona-operations-director",{"title":214,"use_case":215,"icon_asset_id":216},"Compliance officers","Satisfying audit requirements that mandate a documented acceptable-use policy","persona-compliance-officer",{"title":218,"use_case":219,"icon_asset_id":220},"Startup founders","Setting IT use expectations for a growing team before informal norms create liability","persona-startup-founder",[222,226,230,233,237,241,245],{"situation":223,"recommended_template":224,"slug":225},"Employees using personal devices to access company systems","BYOD Policy","bring-your-own-device-policy-byod-D12626",{"situation":227,"recommended_template":228,"slug":229},"Remote or hybrid team needing home-office technology rules","Remote Work Policy","remote-work-policy-D13282",{"situation":231,"recommended_template":105,"slug":232},"Covering employee use of social media on company time or devices","social-media-policy-D12688",{"situation":234,"recommended_template":235,"slug":236},"Governing how staff handle sensitive customer or employee data","Data Protection Policy","customer-data-protection-policy-D13645",{"situation":238,"recommended_template":239,"slug":240},"Addressing employee email use, retention, and monitoring","Email Use Policy","acceptable-use-policy-D12622",{"situation":242,"recommended_template":243,"slug":244},"Regulating access to and use of cloud-based SaaS tools","IT Security Policy","it-security-policy-D13722",{"situation":246,"recommended_template":247,"slug":240},"Setting rules for software installation and licensing compliance","Software Use Policy",[249,252,255,258,261,264,267,270,273,276],{"term":250,"definition":251},"Acceptable Use","The range of activities an employee is permitted to perform using company-owned technology resources, as defined by the organization's policy.",{"term":253,"definition":254},"Company Systems","All hardware, software, networks, and data storage resources owned, leased, or managed by the organization — including laptops, servers, and cloud accounts.",{"term":256,"definition":257},"BYOD (Bring Your Own Device)","A workplace arrangement in which employees use personal smartphones, laptops, or tablets to access company data or systems.",{"term":259,"definition":260},"Monitoring","The organization's right to inspect, log, or review activity on company-owned systems and networks — including emails, browsing history, and file access.",{"term":262,"definition":263},"Privileged Access","Elevated system permissions granted to IT administrators or specific roles that allow access to sensitive systems beyond standard user rights.",{"term":265,"definition":266},"Data Classification","A framework that labels data by sensitivity level — such as public, internal, confidential, or restricted — to determine handling and sharing rules.",{"term":268,"definition":269},"Incident","Any event that violates the computer use policy or threatens the security, integrity, or availability of company systems and data.",{"term":271,"definition":272},"Remote Access","The ability to connect to company systems from outside the office, typically via VPN or a secure cloud application.",{"term":274,"definition":275},"Software License","A legal agreement that grants the right to use a specific software product under defined conditions, including the number of permitted users or devices.",{"term":277,"definition":278},"VPN (Virtual Private Network)","An encrypted connection that routes internet traffic through a secure server, used to protect data when employees access company systems remotely.",[280,285,290,295,300,305,310,315,320,325],{"name":281,"plain_english":282,"sample_language":283,"common_mistake":284},"Purpose and scope","States why the policy exists, which systems and data it covers, and which employees and contractors are bound by it.","This Computer Use Policy applies to all employees, contractors, and vendors of [COMPANY NAME] who use company-owned or company-managed technology resources, including hardware, software, networks, and internet access.","Limiting scope to full-time employees only. Contractors and vendors accessing company systems on a short-term basis can cause the same security incidents as permanent staff — and should be explicitly covered.",{"name":286,"plain_english":287,"sample_language":288,"common_mistake":289},"Definitions","Defines key terms used throughout the policy so every reader interprets rules the same way — including 'company systems,' 'confidential data,' and 'authorized user.'","'Company Systems' means all hardware, software, networks, cloud services, and data storage resources owned, leased, or managed by [COMPANY NAME]. 'Authorized User' means any individual granted access credentials by [IT DEPARTMENT / MANAGER NAME].","Omitting definitions entirely and assuming terms are self-evident. Vague language creates disputes over whether a specific action was prohibited and weakens disciplinary proceedings.",{"name":291,"plain_english":292,"sample_language":293,"common_mistake":294},"Acceptable use","Describes what employees are permitted to do — primarily business-related tasks — and acknowledges limited personal use if the organization allows it.","Company Systems are provided for business purposes. Employees may use company internet access for limited personal use during non-work hours provided such use does not consume excessive bandwidth, violate any other provision of this policy, or compromise system security.","Banning all personal use without acknowledging that a zero-tolerance rule is rarely enforced and can undermine credibility. A clear 'limited personal use' carve-out with defined conditions is more practical and legally defensible.",{"name":296,"plain_english":297,"sample_language":298,"common_mistake":299},"Prohibited activities","Lists specific behaviors that are never permitted — illegal activity, accessing inappropriate content, installing unauthorized software, sharing credentials, or circumventing security controls.","Employees may not use Company Systems to: (a) access, download, or distribute illegal, obscene, or harassing content; (b) install unauthorized software or applications; (c) share login credentials with any other person; (d) attempt to bypass firewalls, filters, or other security controls.","Using a catch-all phrase like 'any inappropriate use' without specific examples. Disciplinary actions are harder to defend when the policy did not clearly identify the prohibited behavior by name.",{"name":301,"plain_english":302,"sample_language":303,"common_mistake":304},"Internet and email use","Sets rules for web browsing and company email — prohibited site categories, email retention, use of personal email on company devices, and rules around attachments.","Employees shall use company email accounts for all business communications. Personal email accounts shall not be used to transmit company data. Attachments containing [CONFIDENTIAL / RESTRICTED] data must be encrypted before transmission.","Failing to address use of personal email on company devices. Employees who forward work files to Gmail or Hotmail create a data-leakage risk the policy should explicitly prohibit.",{"name":306,"plain_english":307,"sample_language":308,"common_mistake":309},"Data security requirements","Establishes baseline security practices employees must follow — password standards, screen-lock timeouts, software update compliance, and rules for handling removable media.","All employees must use passwords of at least [12] characters containing uppercase, lowercase, numbers, and symbols. Screens must lock automatically after [10] minutes of inactivity. Removable storage devices (USB drives) require prior authorization from [IT DEPARTMENT].","Setting a password minimum of 8 characters, which no longer meets NIST SP 800-63B guidance updated in 2024 recommending at least 15 characters for memorized secrets.",{"name":311,"plain_english":312,"sample_language":313,"common_mistake":314},"Monitoring and privacy","Discloses that the company may monitor activity on its systems, explains what may be reviewed, and confirms employees have no expectation of privacy when using company technology.","[COMPANY NAME] reserves the right to monitor, access, review, audit, copy, and disclose all data created, received, stored, or transmitted on Company Systems, with or without prior notice, to the extent permitted by applicable law.","Burying the monitoring disclosure in section 8 of a 10-section policy. Courts and employment tribunals look for evidence the employee was clearly notified; the disclosure should appear early and be acknowledged at signing.",{"name":316,"plain_english":317,"sample_language":318,"common_mistake":319},"BYOD and remote access","Governs personal devices used to access company systems and remote connections, including VPN requirements, mobile device management (MDM) enrollment, and what happens to company data if a personal device is lost or wiped.","Employees accessing Company Systems from a personal device must enroll the device in [COMPANY NAME]'s mobile device management platform. The company reserves the right to remotely wipe company data from any enrolled device upon separation or loss.","Not addressing the remote-wipe scenario. Employees who discover the company can wipe their personal phone after reading the policy feel blindsided — the BYOD section should make this explicit before enrollment.",{"name":321,"plain_english":322,"sample_language":323,"common_mistake":324},"Violations and disciplinary consequences","States the range of consequences for policy violations — from verbal warning to termination — and confirms that severe violations may be referred to law enforcement.","Violations of this policy may result in disciplinary action up to and including termination of employment. Violations involving illegal activity will be reported to appropriate law enforcement authorities. [COMPANY NAME] reserves the right to pursue civil remedies for losses caused by willful violations.","Promising a rigid progressive-discipline sequence (warning → suspension → termination) that ties HR's hands in serious incidents. Use 'up to and including termination' language to preserve discretion.",{"name":326,"plain_english":327,"sample_language":328,"common_mistake":329},"Policy review and updates","Commits the organization to reviewing the policy on a defined schedule and explains how updates will be communicated to employees.","This policy will be reviewed annually by [IT MANAGER / HR DIRECTOR] and updated as necessary to reflect changes in technology, law, or business operations. Employees will be notified of material changes and asked to re-acknowledge the updated policy.","No review schedule at all. Policies written in 2019 that still reference floppy disks or don't mention cloud services or AI tools signal to auditors — and employees — that the organization's governance is not current.",[331,336,341,346,351,356,361,366],{"step":332,"title":333,"description":334,"tip":335},1,"Define scope and covered systems","List every category of technology resource the policy governs — laptops, desktops, mobile devices, cloud accounts, VPN, and any specialized equipment. Confirm whether contractors and vendors are included.","A scope that is too narrow is more dangerous than one that is too broad — when in doubt, include the resource category and carve out exceptions later.",{"step":337,"title":338,"description":339,"tip":340},2,"Identify your acceptable-use position on personal use","Decide whether to prohibit all personal use, allow limited personal use during non-work hours, or allow reasonable personal use at any time. Document the chosen position clearly in the acceptable-use section.","A blanket ban is rarely enforced and creates a credibility problem. 'Limited personal use that does not interfere with work or consume excessive bandwidth' is a defensible and practical standard.",{"step":342,"title":343,"description":344,"tip":345},3,"Draft the prohibited activities list with specifics","List prohibited behaviors by name — downloading pirated software, accessing adult content, sharing passwords, using company email for personal business schemes. General catch-all language is insufficient for discipline.","Review your last three IT incidents and add a specific prohibition for each behavior that caused them — this turns your history into prevention.",{"step":347,"title":348,"description":349,"tip":350},4,"Set minimum data security standards","Specify password length and complexity requirements, screen-lock timeout period, mandatory software update compliance window, and encryption requirements for portable media and email attachments containing sensitive data.","Align your password standards with NIST SP 800-63B (15+ characters for new policies) so your policy doesn't immediately contradict current security guidance.",{"step":352,"title":353,"description":354,"tip":355},5,"Write the monitoring and privacy disclosure","State clearly that the company may monitor all activity on company systems, that employees have no expectation of privacy, and that monitoring may occur without prior notice. Place this section early in the document.","Have employees sign an acknowledgment that specifically references the monitoring disclosure — not just 'I have read the policy' — to create a stronger record.",{"step":357,"title":358,"description":359,"tip":360},6,"Address BYOD and remote access if applicable","If employees access company data on personal devices or from home, add provisions covering MDM enrollment, VPN requirements, and the company's right to remote-wipe company data from personal devices.","If your organization does not currently support BYOD but employees are doing it informally, this section should prohibit it explicitly rather than leaving it unaddressed.",{"step":362,"title":363,"description":364,"tip":365},7,"Set the disciplinary consequence range","State that violations may result in discipline up to and including termination, and that illegal activity will be referred to law enforcement. Avoid a rigid step-by-step sequence that removes HR discretion in serious cases.","Cross-reference your employee handbook's general disciplinary policy to ensure consistency — contradictions between the two documents create problems in termination proceedings.",{"step":367,"title":368,"description":369,"tip":370},8,"Schedule annual review and get acknowledgments","Set a named owner and an annual review date. Distribute the policy to all employees, collect signed acknowledgments, and store them in each employee's personnel file.","Re-collect acknowledgments every time the policy is materially updated — a signature on a 2021 version is not evidence of notice of a 2025 change.",[372,376,380,384,388,392],{"mistake":373,"why_it_matters":374,"fix":375},"Scope limited to full-time employees only","Contractors, vendors, and interns who access company systems under an incomplete policy represent the same data-breach risk as permanent staff — without the same accountability framework.","Expand the scope clause to cover all individuals who are granted access to company systems, regardless of employment classification.",{"mistake":377,"why_it_matters":378,"fix":379},"No monitoring disclosure or a buried one","In several jurisdictions, monitoring employees without adequate prior notice creates legal exposure. A disclosure that appears only in an appendix may not meet the 'clear notice' standard courts apply.","Place the monitoring and privacy section in the first third of the policy and require employees to initial or specifically acknowledge it at signing.",{"mistake":381,"why_it_matters":382,"fix":383},"Password standards below current guidance","Specifying an 8-character password minimum — common in older policies — contradicts NIST SP 800-63B updated guidance and signals to auditors that the policy has not been reviewed recently.","Update the password section to require at least 15 characters and prohibit re-use of the last five passwords, consistent with current NIST recommendations.",{"mistake":385,"why_it_matters":386,"fix":387},"No BYOD or remote access provisions","If employees are accessing company email or files from personal phones and the policy is silent on this, the organization has no documented basis to enforce data security requirements on those devices or respond to a lost-device incident.","Add a BYOD section that covers MDM enrollment requirements, VPN use, and the company's remote-wipe right — even if current practice is to discourage BYOD, document the rule explicitly.",{"mistake":389,"why_it_matters":390,"fix":391},"Rigid progressive-discipline sequence for all violations","Committing to 'warning → suspension → termination' for all violations means HR cannot skip to termination for a serious first offence like downloading malware or exfiltrating customer data.","Use 'up to and including termination' language and reserve the right to bypass progressive steps for violations involving illegal activity, data breaches, or wilful misconduct.",{"mistake":393,"why_it_matters":394,"fix":395},"No scheduled policy review date","A computer use policy that hasn't been updated since 2018 won't mention cloud storage, SaaS tools, AI assistants, or remote work — gaps that leave real behaviors ungoverned and signal poor IT governance to auditors.","Name a policy owner and set an annual review date in the policy itself. Treat the review date as a compliance deadline, not a suggestion.",[397,400,403,406,409,412,415,418,421],{"question":398,"answer":399},"What is a computer use policy?","A computer use policy is an internal document that defines the rules governing how employees may use an organization's computers, networks, internet access, and software. It sets out acceptable and prohibited activities, data security requirements, monitoring rights, and the consequences of violations. It applies to all individuals who access company technology resources, including contractors and remote workers.\n",{"question":401,"answer":402},"Why does a business need a computer use policy?","Without a documented policy, the organization has no enforceable standard to apply when an employee misuses technology, downloads malware, or leaks data. The policy creates the legal and procedural foundation for disciplinary action, supports insurance and audit requirements, and notifies employees of monitoring practices before they occur — reducing both security risk and legal exposure.\n",{"question":404,"answer":405},"What is the difference between a computer use policy and an acceptable use policy?","The terms are used interchangeably in most organizations. A computer use policy typically focuses on physical hardware and network access, while an acceptable use policy (AUP) may cover a broader range of technology resources including cloud services, SaaS platforms, and personal devices. In practice, a well-drafted computer use policy covers everything an AUP would and the distinction is largely cosmetic.\n",{"question":407,"answer":408},"Should employees sign the computer use policy?","Yes. Requiring each employee to sign and date an acknowledgment that they have read and understood the policy creates a documented record that is essential for disciplinary proceedings and audits. Collect re-acknowledgments every time the policy is materially updated — a signature on an older version does not confirm awareness of a new restriction.\n",{"question":410,"answer":411},"Can an employer monitor employee computer use?","In most jurisdictions employers can monitor activity on company-owned systems provided employees have been given clear prior notice. The computer use policy is the primary vehicle for delivering that notice. Monitoring without adequate disclosure creates legal exposure in several US states, the EU under GDPR, and in Canada. Consider consulting employment counsel to confirm monitoring practices comply with applicable law in your jurisdiction.\n",{"question":413,"answer":414},"Does a computer use policy cover personal devices?","A standard computer use policy covers company-owned equipment. If employees access company data on personal devices — smartphones, home laptops, tablets — the policy should include a BYOD section that extends relevant rules to those devices, specifies MDM enrollment requirements, and discloses the company's right to remotely wipe company data from a lost or departed employee's personal device.\n",{"question":416,"answer":417},"How often should a computer use policy be updated?","At minimum, review the policy annually. Technology environments change quickly — new SaaS tools, AI assistants, remote-work arrangements, and evolving security threats can all create unaddressed gaps within 12 months. Trigger an immediate review after any significant security incident, major system change, or new regulatory requirement that affects data handling.\n",{"question":419,"answer":420},"What should the disciplinary consequences section say?","State that violations may result in disciplinary action up to and including immediate termination of employment, and that violations involving illegal activity will be referred to law enforcement. Avoid committing to a rigid progressive-discipline sequence — 'warning, then suspension, then termination' — because it removes HR's discretion to terminate immediately for serious first offences such as data exfiltration or accessing illegal content.\n",{"question":422,"answer":423},"Is a computer use policy required for ISO 27001 or SOC 2 compliance?","Yes. Both ISO 27001 (Annex A.6.2, A.8.1) and SOC 2 (Common Criteria CC6.1, CC6.2) require documented acceptable-use controls as part of a broader information security management program. Auditors will ask to see the policy, evidence of distribution, and signed employee acknowledgments. A missing or outdated policy is a common finding in both frameworks.\n",[425,429,433,437,441,445],{"industry":426,"icon_asset_id":427,"specifics":428},"Technology / SaaS","industry-saas","Covers use of production system access, source code repositories, cloud infrastructure credentials, and AI coding tools by engineering and product teams.",{"industry":430,"icon_asset_id":431,"specifics":432},"Financial Services","industry-fintech","Addresses regulatory requirements for data handling, prohibition on use of personal email for client communications, and enhanced monitoring obligations under FINRA and SEC rules.",{"industry":434,"icon_asset_id":435,"specifics":436},"Healthcare","industry-healthtech","Incorporates HIPAA requirements by reference, prohibits access to patient data on unsecured networks, and mandates automatic screen-lock timeouts on all devices in clinical areas.",{"industry":438,"icon_asset_id":439,"specifics":440},"Professional Services","industry-professional-services","Governs use of client-matter files on portable devices, rules for working from client sites on external networks, and confidentiality obligations for documents accessed remotely.",{"industry":442,"icon_asset_id":443,"specifics":444},"Retail / E-commerce","industry-retail","Addresses POS terminal use rules, prohibition on connecting personal devices to payment networks, and rules for employees accessing customer payment data on shared workstations.",{"industry":446,"icon_asset_id":447,"specifics":448},"Education","industry-education","Covers staff and student use of institutional networks, filtering requirements for minors, and FERPA obligations when accessing student records on school-issued devices.",[450,453,455,458],{"vs":243,"vs_template_id":451,"summary":452},"D{IT_SECURITY_POLICY_ID}","An IT security policy governs the technical controls the organization implements to protect its infrastructure — firewalls, patch management, access controls, and incident response procedures. A computer use policy governs employee behavior on those systems. The two documents are complementary: the IT security policy defines what the organization does to protect systems; the computer use policy defines what employees must and must not do when using them.",{"vs":228,"vs_template_id":229,"summary":454},"A remote work policy addresses the full range of home-office working arrangements — ergonomics, availability expectations, expense reimbursement, and communication standards. A computer use policy focuses specifically on how technology resources are used, regardless of location. Organizations with remote teams need both: the remote work policy sets the employment framework; the computer use policy sets the technology rules that apply wherever the employee is working.",{"vs":105,"vs_template_id":456,"summary":457},"social-media-policy-D13393","A social media policy governs how employees use social platforms — both on company time and in their personal capacity when representing the organization. A computer use policy sets broader rules for all internet and system use, of which social media is one component. If social media use is a significant concern, a standalone policy provides the additional detail that a computer use policy's internet-use section cannot cover adequately.",{"vs":89,"vs_template_id":459,"summary":460},"employee-handbook-D712","An employee handbook is a comprehensive reference document covering all employment policies — conduct, compensation, leave, benefits, and more. A computer use policy is a standalone operational document focused solely on technology use. The computer use policy is typically incorporated by reference into the employee handbook rather than reproduced in full, keeping both documents at a manageable length.",{"use_template":462,"template_plus_review":466,"custom_drafted":470},{"best_for":463,"cost":464,"time":465},"Small and mid-size businesses setting up or refreshing computer use rules for a domestic workforce","Free","1–2 hours",{"best_for":467,"cost":468,"time":469},"Organizations with remote workers across multiple states, BYOD programs, or compliance requirements under ISO 27001, SOC 2, or HIPAA","$300–$800 (HR consultant or employment attorney review)","2–5 days",{"best_for":471,"cost":472,"time":473},"Enterprises in regulated industries, organizations with significant monitoring programs, or businesses operating across multiple countries with differing employee-privacy laws","$1,500–$4,000+","1–3 weeks",[475,476],"employee-policy-acknowledgment-best-practices","it-security-basics-for-small-business",[459,232,229,478,479,480,481,244,225,240,482,483],"non-disclosure-agreement-nda-D12692","disciplinary-action-policy-D13486","data-breach-response-and-notification-policy-D13650","code-of-conduct-D13318","checklist-when-should-you-fire-an-employee-D507","confidentiality-agreement-D950",{"emit_how_to":485,"emit_defined_term":485},true,{"primary_folder":487,"secondary_folder":488,"document_type":489,"industry":490,"business_stage":491,"tags":492,"confidence":496},"software-technology","cybersecurity-policies","policy","general","all-stages",[489,493,494,488,495],"it","compliance","workplace-policies",0.95,"\u003Ch2>What is a Computer Use Policy?\u003C/h2>\n\u003Cp>A \u003Cstrong>Computer Use Policy\u003C/strong> is an internal organizational document that sets the rules governing how employees, contractors, and other authorized users may use company-owned computers, networks, internet access, software, and data. It defines acceptable activities, lists prohibited behaviors in specific terms, establishes baseline security requirements, discloses the organization's right to monitor system activity, and states the disciplinary consequences of violations. Unlike a technical IT security policy — which governs the controls the organization configures — a computer use policy governs human behavior at the keyboard.\u003C/p>\n\u003Ch2>Why You Need This Document\u003C/h2>\n\u003Cp>Operating without a documented computer use policy means there is no enforceable standard to apply when an employee installs unauthorized software that introduces malware, forwards confidential files to a personal Gmail account, or uses a company laptop to access illegal content. Without written rules that employees have acknowledged, disciplinary proceedings become credibility contests rather than policy-enforcement actions. Auditors conducting ISO 27001, SOC 2, or HIPAA reviews specifically request this document — a missing or outdated policy is one of the most common findings and can stall certification. This template gives you a complete, immediately editable foundation that takes under two hours to tailor, covering every material risk from password standards to remote-wipe rights, so your organization has documented rules in place before an incident makes them urgent.\u003C/p>\n",1781186030973]