Question

6. Will the AUP apply to all levels of the organization? Why or why not?
7. When should an AUP be implemented and how?
8. Why would an organization want to align its policies with existing compliance requirements?
9. In which domain of the seven domains of a typical IT infrastructure would an acceptable use policy (AUP) reside? How does an AUP help mitigate the risks commonly found with employees and authorized users of an organization’s IT infrastructure?

Answer 1

Answered all the questions . Can you please UPVOTE if this helped you?

Let me know if you have any doubt.

6)

Answer:Yes this will apply to all levels from the lower level to the executive level. The AUP is there for the benefit of the organizations so it applies covers every aspect of such.

7)

Answer:

This policy should be in effect from day 1 of operation and periodically needs to be audited for weaknesses and vulnerabilities.

8)

Answer:

This way they do not have to do double work with keeping up with two policies and the organization will need to be compliant regardless so this makes sense to have the same policies.

9)

Answer:

The LAN-to-WAN domain is typically where the AUP policy should reside. This is the domain where all the data traffic travels in and out of the networks infrastructure. This is where it is best to place the AUP so that internal or external users can accept the AUP prior to using any systems that exist on the company network.

This AUP commonly helps to mitigate risks that are commonly found with employees and authorized users by detailing what how certain actions are legal or illegal. This can also constitute the actions that may get an employee terminated or not. Most users will comply to avoid any negative repercussions.