← Back to AI Acceptable Use Policy Template

Free preview: AI Acceptable Use Policy

These are the genuine opening sections of one document from the AI Acceptable Use Policy Template (1 documents total). The amber [placeholders] are what you customize — everything else is ready to use.

AI Acceptable Use Policy

Purpose. This policy gives every member of the [Company Name] workforce clear, practical rules for using AI tools at work. It defines which tools may be used, what information must never be entered into an AI tool, how AI outputs must be verified before they are relied on, when AI involvement must be disclosed, and how to report unapproved (shadow) AI use. Following these rules protects customers, colleagues, and the organization from data leakage, inaccurate work products, and regulatory exposure, and supports the workforce AI literacy expectations of EU AI Act Article 4.

General Rules

AI tools can draft, summarize, translate, analyze, and suggest, but they can also be confidently wrong, leak whatever you type into them, and reproduce bias. The rules below exist so that AI speeds up your work without putting [Company Name], its customers, or your colleagues at risk. This policy implements the AI Governance Policy at the individual-user level; if you are unsure whether something is allowed, ask the [Role, e.g. AI Governance Lead] before doing it.

  • You must use only AI tools listed as approved on the approved tools register described in this policy, and only for the purposes and data categories stated in the register.
  • You remain personally responsible for any work product you submit, send, or publish, regardless of whether AI helped create it.
  • You must complete the AI literacy training required by the AI Governance Policy before using AI tools for business purposes, and at least annually thereafter.
  • You must never use AI tools to make a final decision about a person (for example hiring, discipline, credit, or eligibility); such uses require the safeguards in the Human Oversight and Accountability Standard and specific approval under the AI Governance Policy.

Approved Tools and the Tools Register

The [Role, e.g. AI Governance Lead] maintains the approved tools register at [location, e.g. intranet page or shared drive path] and must update it within [5] business days of any approval decision made under the AI Governance Policy. Every tool on the register carries one of the statuses below. A tool that does not appear on the register is not approved.

Prohibited Inputs

Treat anything you type, paste, upload, or dictate into an AI tool as potentially leaving the organization's control. Unless the approved tools register explicitly permits a data category for a specific tool, you must never enter the following into any AI tool:

  • Personal data about customers, employees, or any identifiable person, including names combined with contact details, identification numbers, photos, or voice recordings; see the AI Data Governance and Privacy Policy for the full data category definitions.
  • Authentication material of any kind: passwords, API keys, access tokens, MFA codes, or security question answers.
  • Confidential business information, including unreleased financials, pricing strategy, M&A plans, customer lists, and anything received from a customer or partner under a nondisclosure agreement.
  • Payment card data, bank account details, and government-issued identifiers such as Social Security numbers.
  • Health information about any identifiable person.
  • Proprietary source code, system configurations, or network details, unless the register entry for the tool explicitly permits code and the repository owner has approved.

Verifying AI Outputs

AI tools generate plausible text, numbers, citations, and code that can be wrong. Before relying on or distributing AI output, you must complete the following verification steps. For decision-affecting outputs, the review depth and reviewer qualifications in the Human Oversight and Accountability Standard apply in addition to this section.

— Preview ends. The full document continues with 0 more documents in the toolkit. —

Get the full toolkit — $14

More free previews

See real opening sections from our other compliance toolkits before you buy:

← Browse all compliance toolkits

Professional editable templates — general information only, not legal, audit, tax, or certification advice, and no professional or advisory relationship is created. No purchase makes an organization compliant or certified. Review each document with qualified counsel, your compliance professional, or your auditor before relying on it. ISO, IEC, SOC 2, AICPA, HIPAA, NIST, GDPR, the EU AI Act, IRS and FTC are referenced descriptively only; ComplianceDocs (ExpertEngine LLC) is independent and is not affiliated with, endorsed by, or certified by any standards body, regulator, or audit firm.