In this project, students will investigate a sample acceptable use policy of an organization and try to revise it based on the SANS Acceptable Use document.

1. Locate a copy of the Computer Use Policy of an organization (the policy).
2. Study the Acceptable Use Policy published by the SANS Institute in 2003, which is available at http://secinf.net/policy_and_standards/Acceptable_Use_Policy.html (or a local copy), and Danchev's article, Building and Implementing a Successful Information Security Policy, which is available at http://secinf.net/policy_and_standards/Building_Implementing_Security_Policy1228.html (or a local copy).
3. Compare the policy against the recommendations made respectively by Danchev and the SANS Institute.
   
4. Identify three statements in the policy that can be improved, based on the recommendations by Danchev and the SANS document.
5. Identify three aspects of the policy that are not well covered in the SANS document.