Why an AUP is the first step

An AUP gives employees clear, actionable rules about which AI tools to use, what data can be shared with them, who may install desktop agents, and how to report incidents. Without that shared baseline you’ll either over-enforce (killing productivity) or under-protect (leaving sensitive data exposed).

Core items your AUP should cover

• Scope: who the policy applies to (employees, contractors) and which classes of tools (browser LLMs, plugins, desktop agents, extensions).
• Data rules: what may never be pasted/uploaded (PII, credentials, proprietary code, non-public customer data) and what can be used for experimentation.
• Approved tools & accounts: require company-approved/managed accounts where possible; prefer paid/enterprise plans that explicitly exclude customer inputs from training.
• Endpoint & installation controls: native, local, embedded, and desktop AI features require explicit approval and configuration based on licensing, account control, and data access.
• Monitoring & logging: how AI usage is audited, who reviews exceptions, and incident reporting steps.
• Training & exceptions: staff training, an exceptions request process, and regular policy review.

Start With an AI Policy Intake

Before writing rules, start with a short intake that captures the organization’s AI appetite, risk tolerance, tooling maturity, and permitted use cases. This turns the policy from a generic template into a practical risk profile your team can actually apply.

• Leadership AI Interest Level: AI-Positive/Eager, AI-Cautious, AI-Neutral, AI-Concerned, or AI-Restricted.
• Leadership AI Risk Level: AI-Risk-Averse, AI-Risk-Cautious, AI-Risk-Balanced, AI-Risk-Tolerant, or AI-Risk-Embracing.
• Approved AI Tool Licensing Level: enterprise or tenant-bound tools are lower risk, business or team tools are medium risk, and free or consumer tools are higher risk.
• Permitted Scope of AI Use: browser chat LLM use only is lower risk; browser plus approved application install is medium risk; browser/application use plus connections to company data is higher risk.

Use that profile to define the policy posture: approved tools and accounts, the licensing or control level required for each tool, what data each class of tool may access, and when new unmanaged, native, local, or embedded AI features need review before use. Because these AI features are changing quickly, a brittle blocklist falls behind fast; a clear approval and data-access model is more useful.

Why native and embedded AI change the risk model

Native apps, local clients, embedded assistants, and AI features built into everyday software can sometimes read files, access the clipboard, connect to local services, or interact with company data. That can make their potential blast radius larger than a browser chat tool. Treat them as high-impact software: require review before use, define which accounts and licenses are approved, decide what data each class of tool may access, and use MDM/EDR controls where they fit. The goal is not a static blocklist of every unmanaged AI feature; the goal is a practical approval model that can keep up as tools change.

About data & model training

Many consumer/free LLM services may use user inputs to improve models. Paid or enterprise plans (and managed offerings like Microsoft 365 Copilot) commonly include contractual protections that prevent customer data being used for training — but you must verify vendor terms. Make vendor data-use and deletion commitments part of procurement and your AUP.

Quick implementation checklist

• Publish an AUP (feel free to use the template free download below).
• Define approved tools and require managed, paid/enterprise accounts where possible.
• Require review for new unmanaged, native, local, or embedded AI features before use; approve tools by account type, licensing/control level, and permitted data access.
• Train staff on what’s allowed and how to report incidents.
• Review vendor contracts for explicit data-use protections before rollout.

Canadian organizations can also reference the Government of Canada’s Voluntary Code of Conduct for advanced generative AI systems when building internal AI governance, approval, and risk-management processes.

Need help putting structured and secure AI into practice?

Scout can also help deploy Teams‑connected AI agents that plug into your existing systems — remove manual entry, streamline workflows, and scale capacity without risky rewrites.

Explore Managed AI Automation

Download our Ai Acceptable Use Policy template: