Thursday, September 14, 2017

Sample email policy


Policies exist to make the affected audience of a company aware of whether they are doing things correctly.

Operational necessity dictates the majority of actions taken by an IT department. Both documented and undocumented policies and procedures are developed to support the performance of actions dictated by such operational necessity. However, these are not the only reasons for policy development. Informational resources must be protected from unauthorized access. A fully developed information security program with documented security policies and procedures provides the structure and guidance needed to help ensure the protection of informational resources.

Policies are defined in many areas to ensure the security of information. Email policy is another such area. The email policy document below is for a warehouse in which war-machines are stored before being distributed among the forces.

ABC Company

Email policy

1.      Overview
Electronic communications are broadly used in organizations to carry out internal communications. Misuse of email may expose the organization to legal, security and privacy risks. This policy gives guidelines for what is acceptable usage and what is not.

2.      Purpose
This email policy assures the proper usage of the electronic mail system of the ABC Company, and it further assures that users are aware of what they are allowed to do and what they are not.

3.      Scope
This policy applies to all emails that are sent from or received at ABC Company email addresses, through any device and via any network.
The email policy of the ABC Company applies to:
· All employees in the ABC Company
· Agents who import the war-machines
· All members in the forces
· Any government representative


4.      Policy

4.1  Sending mails

1.      The ABC electronic communication system should not be used to send chain letters or any personal business mails.
2.      Broadcasting personal views on politics, religion and society is not allowed.
3.      Users should not forward any mail that is declared confidential to any unauthorized parties.
4.      Every employee in the ABC Company should use the given mail address to send mails.
5.      ABC Company may not be responsible for mails that are not delivered.
6.      The audience of this policy must not send any information about the war-machines to unauthorized parties.

4.2 Content
1.      Data contained in the mail or the message should be secured according to the Data Protection Standards.
2.      Content of the mail should be formal and polite.
3.      The message of the mail should be arranged according to the format given by the ABC Company.
4.      Mail should not contain any phishing URLs or viruses.
5.      Mails should not contain inappropriate images, videos or audio clips.

4.3 Receiving mails
1.      Be aware of, and check, the mail address of the sender before opening the mail.
2.      Employees are not allowed to read mails that were received by others.
3.      If a received mail contains anything inappropriate that affects the ABC Company, it should be reported to the responsible people of the company.

4.4 Usage
1.      It is prohibited to use third-party mail systems and storage services (e.g. Google, Yahoo, MSN Hotmail) to carry out transactions or to store any received or sent mail.
2.      Top-level management can monitor the mails that are sent through the ABC Company electronic mail system.
3.      The content of the mail cannot be copied to any portable or online storage media without permission.

5.      Compliance

5.1  Compliance measurements

The information security team of the ABC Company will verify compliance with the policies by using various methods (video monitoring, log information of the emails, internal and external security audits).


5.2  Exception

Exceptions should be approved by the information security team of the ABC Company.


5.3  Non-Compliance

Any employee who violates the mentioned policies is subject to disciplinary action or penalty, up to employee termination.

6.      History/Revision date

Adoption date - July 30, 2017

Next review date - July 30, 2018

Responsible party - Information security team of the ABC Company


