IT Policies: To minimize the possibility of a Virus Infection or data loss, your staff should only use your IT Equipment and Systems for the purposes intended. If no IT Policies are implemented, it will be difficult to try and enforce a directive that staff do not visit non-business-related websites or use non-business-related software, for example.

IT Policies should be implemented that enables an organization to mandate what safe IT-related work practices are, what activities should be prohibited, and what are the disciplinary steps for non-compliance.