# Acceptable Use Policy Template

## Purpose

This policy defines how AI systems may and may not be used within the organization.

## Scope

This policy applies to employees, contractors, and any personnel using AI systems for organizational work.

## Approved tools

List approved tools here.

## Prohibited tools or uses

List prohibited tools, categories, or uses here.

## Data restrictions

The following data may not be entered into unapproved or external AI systems without explicit approval:

- customer personal information
- employee records
- financial records
- legal privileged material
- credentials, secrets, or security-sensitive information
- regulated data categories

## Output review

AI-generated material must be reviewed before it is:

- sent externally
- used in decision-making
- entered into formal records
- published or distributed
- used to trigger downstream actions

## Incident reporting

Suspected policy violations or AI-related incidents must be reported to the designated governance contact immediately.

## Exceptions

Exceptions require documented approval from the designated authority.