SOFTWARE POLICIES FOR AN ORGANIZATION & ITS EMPLOYEES

Published by the Software & Information Industry Association. You are given permission to duplicate and modify this policy statement
so long as attribution of the original document is to Software & Information Industry Association (SIIA).
(Updated and revised April 2004)

Organization Software Management and Usage Guidelines

[Organization] licenses the use of computer software from a variety of third parties. Such software is normally copyrighted
by the software developer and, unless expressly authorized to do so, [organization] has no right to make copies of the
software. The purpose of this policy is to prevent copyright infringement and to ensure proper software asset
management.
1. General Statement of Policy.
It is the policy of [organization] to respect and adhere to all computer software copyrights and to adhere to the terms of all
software licenses to which [organization] is a party. It is also the policy of [organization] to manage its software assets and
to ensure that [organization] installs and uses only legal software on its PCs (including portables) and servers.
[Organization] will take all steps necessary to prohibit its users from duplicating any licensed software or related
documentation for use either on [organizations] premises or elsewhere unless [organization] is expressly authorized to do
so by agreement with the licensor. Unauthorized duplication of software may subject users and/or [organization] to both
civil and criminal penalties under the United States Copyright Act. [Organization] must not permit any employee to use
software in any manner inconsistent with its applicable license agreement, including giving or receiving software from
clients, contractors, customers and others. It is the policy of the [organization] to acquire, copy, distribute, transmit and
use software in accordance with the software management policies of the [organization] and the terms and conditions in
any license agreement accompanying a particular software product.
2. User Education.
[Organization] will provide and require a software education program for all of its software users (to be crafted by the
software manager). Upon completion of the education program, users are required to sign the [organization's] Software
Management and Usage Guidelines ( see sample here). New users will be provided the same education program within 10
days of the commencement of their employment.
3. Budgeting for Software.
When acquiring computer hardware, software and training, [organization] must budget to meet the full costs at the time of
acquisition. When purchasing software for existing computers, [organization] must charge the purchases to the
department's budget for information technology or other appropriate budget set aside for tracking software purchases.
4. Acquisition of Software.
Legitimate software will be provided to all users who need it. All requests for software, including upgrades, must be
submitted to the [MIS, purchasing, or other appropriate] designated department. All software acquired by [organization]
must be purchased through the [MIS, purchasing, or other appropriate] designated department. Software will be purchased
only from reputable, authorized sellers. Software may not be purchased through user corporate credit cards, petty cash,
travel or entertainment budgets. If any software is acquired by a different department, that department shall immediately
notify the [MIS, purchasing, or other appropriate] designated department and identify and document the acquired software.

This policy applies to acquisitions of hardware that includes bundled or pre-loaded software.
Software acquisition channels are restricted to ensure that [organization] has a complete record of all software that has
been purchased for [organization] computers and can register, support, and upgrade such software accordingly. This
includes software that may be downloaded and/or purchased from the Internet.
5. Registration of Software.
When [organization] receives purchased software, the designated department (MIS, purchasing, etc.) must receive the
software first to complete registration and inventory requirements before installation. In the event the software is shrinkwrapped, the designated department is responsible for completing the registration forms and returning it (via publisher
prescribed means) to the software publisher. Software must be registered in the name of [organization] and department in
which it will be used. Due to personnel turnover, software will never be registered in the name of the individual user.
6. Installation of Software.
After the registration requirements above have been met, the software will be installed by the software manager or
employees expressly authorized by the software manager to install software on [organizations] computers. Only those
persons explicitly authorized by [organization] to install software may install software on [organizations] computers and
servers. Such persons shall not do so unless and until [organization] has first obtained an appropriate license for that
software. A software upgrade shall not be installed on a computer that does not already have a copy of the original version
of the software loaded on it.
7. Storage of Software and Documentation.
Once installed, the original media will be kept in a safe storage area maintained by the designated department. The
designated department will also store all original software licenses and registration and purchasing information in a safe
storage area. User manuals, if provided, must reside with the software manager, but may be loaned to users if the software
manager keeps records of who has borrowed the manual. The software manager shall destroy all copies of software that
are obsolete or that [organization] is no longer licensed to use.
8. Record Keeping.
The designated department shall keep and maintain a register of all [organization's] software. The register must contain: (a)
the title and publisher of the software; (b) the date and source of software acquisition; (c) the location of each installation
as well as the serial number of the hardware on which each copy of the software is installed; (d) the existence and location
of back-up copies; and (e) the software product's serial number. This register shall be maintained in a safe location.
9. Software Use.
No employee may use software unless [organization] has first obtained an appropriate license for that software. Before an
employee is permitted to use a particular software program, the designated department shall instruct users on the proper
usage of a particular software program and inform users of any use restrictions included within a license agreement
accompanying the program.
10. Internet Use.
Unless otherwise noted, all software, music, and audiovisual works found on the Internet shall be considered copyrighted
works. Therefore, users are prohibited from downloading these files without permission from the copyright holder.
Software programs or other files that are downloaded from the Internet must be scanned with virus detection software
before installation or execution. All appropriate precautions should be taken to detect for a virus and, if necessary, to
prevent its spread. Employees shall not place company material (copyrighted software, internal correspondence, etc.) on
any publicly accessible Internet computer without prior permission.

11. Using Company Software on Home Computers.

[Organization's] computers are organization-owned assets and must be loaded with only legal software. Only software
purchased through the procedures outlined above may be used on [organization's] machines. Users are not permitted to
bring software or other copyrighted material from home and load it onto [organization's] computers. Generally,
organization-owned software cannot be taken home and loaded on a user's home computer if it also resides on
[organization's] computer. If an employee is to use software at home, [organization] will purchase a separate package and
record it as an organization-owned asset in the software register. However, some software companies provide in their
license agreements that home use is permitted under certain circumstances. If an employee needs to use software at
home, he/she should consult with the software manager or designated software management department to determine if
applicable licenses permit home use.
12. Use of Shareware.
Shareware software is copyrighted software. It is the policy of [organization] to pay shareware authors the fee they specify
for use of their products and to abide by any license terms and conditions accompanying the software. Under this policy,
acquisition and registration of shareware products will be handled the same way as for commercial software products.
13. Software Audits.
[Organization] reserves the right to inspect an employees computer system for violations of this policy. The software
manager or designated department will conduct a regular audit of all [organization's] computers (including portables) and
servers, to ensure that [organization] is in compliance with all software licenses. Periodic, random audits shall also be
conducted as appropriate. Audits will be conducted using an effective auditing software product in a manner that is the
least intrusive and disruptive to employees. The full cooperation of all users is required during audits. Employees must not
remove or delete software. Removal or deletion of software must be done only by employees authorized by the software
manager.
14. Surveys.
The software manager shall conduct periodic software use surveys to determine existing and future software needs. Users
will complete the surveys promptly and to the best of their abilities.
15. Duty to Report Under-licensing.
Any employee who becomes aware of the installation, copying, use, distribution, or transmission of software within this
organization that is illegal or conflicts with [organizations] software management policies shall promptly notify an
appropriate person. This may include his or her supervisor, an appropriate employee within [organization], [organizations]
legal counsel, or the [MIS, purchasing, or other appropriate] designated department.
16. Discipline.
Any infringing activity by an employee may be the responsibility of the organization. Therefore, [organization] may choose
to hold the employee liable for their actions. According to the U.S. Copyright Act, illegal reproduction of software is
subject to civil damages of as much as US$150,000 (Section 504(c)(1) Title 17) per title infringed, and criminal penalties,
including fines of as much as US$250,000 per title infringed and imprisonment of up to ten (Section 2319 (b) (2) Title 18)
years. An [organization] employee who makes, acquires, or uses unauthorized copies of software will be disciplined as
appropriate under the circumstances. Such discipline may include (but is not limited to) a reprimand for minor offenses or
termination of employment for willful or repeat offenses. [Organization] does not condone the illegal duplication of
software or other copyrighted works and will not tolerate it.
17. Employee Questions.
Any questions about this policy or whether you may copy or use a particular software program should be directed to [MIS,
purchasing, or other appropriate] department.

I have read [organization's] anti-piracy and software compliance statement and agree to bind the [organization] accordingly.
I understand that violation of any above policies may result in both civil liability and criminal penalties for the [organization]
and/or its employees.
___________________________________________________
SIGNATURE
___________________________________________________
TITLE
___________________________________________________
DATE