Guidelines for Organizational Software Use

April 15, 2001
A sample policy covering a range ofcompany software issues.

Guidelines for Organization SoftwareUse

General Statement of Policy

It is the policy of (organization) torespect all computer software copyrights and to adhere to the terms of allsoftware licenses to which (organization) is a party. (Organization) will takeall steps necessary to prohibit users from duplicating any licensed software orrelated documentation for use either on (organization) premises or elsewhereunless (organization) is expressly authorized to do so by agreement with thelicenser. Unauthorized duplication of software may subject user and/or(organization) to both civil and criminal penalties under the United StatesCopyright Act. (Organization) must not permit any employee to use software inany manner inconsistent with the applicable license agreement, including givingor receiving software or fonts from clients, contractors, customers and others.

User Education

(Organization) must provide and requirea software education program for all its software users (to be crafted by thesoftware manager). Upon completion of the education program, users are requiredto sign the (organization's) Employee Personal Computer Software UsageGuidelines. New users will be provided the same education program within ten(10) days of the commencement date of their employment.

Budgeting for Software

When acquiring computer hardware,software, and training, (organization) must budget accordingly to meet the costat the time of acquisition. When purchasing software for existing computers(organization) must charge the purchases to the department's budget forinformation technology or an appropriate budget set aside for tracking softwarepurchases.

Acquisition of Software

All software acquired by (organization)must be purchased through the (MIS, purchasing, or other appropriate designated)department. Software may not be purchased through user corporate credit cards,petty cash, travel, or entertainment budgets. Software acquisition channels arerestricted to ensure that (organization) has a complete record of all softwarethat has been purchased for (organization) computers and can register, support,and upgrade such software accordingly. This includes software that may bedownloaded and/or purchased from the Internet.

Registration of Software

When (organization) receives thesoftware, the designated department (MIS, purchasing, etc.) must receive thesoftware first to complete registration and inventory requirements beforeinstallation. In the event the software is shrink-wrapped, the designateddepartment is responsible for completing the registration card and returning itto the software publisher. Software must be registered in the name of(organization) and the department in which it will be used. Due to personnelturnover, software never will be registered in the name of the individual user.The designated department maintains a register of all (organization's) softwareand will keep a library of software licenses. The register must contain:

  1. title and publisher of the software;

  2. date and source of softwareacquisition;

  3. location of each installation aswell as the serial number of the hardware on which each copy of the softwareis installed;

  4. existence and location of backupcopies; and

  5. the software product's serialnumber.

Installation of Software

After the registration requirementsabove have been met, the software manager will install the software. Onceinstalled, the original media will be kept in a safe storage area maintained bythe designated department. User manuals, if provided, will reside either withthe user or the software manager.

Home Computers

(Organization's) computers areorganization-owned assets and must be kept both software legal and virus free.Only software purchased through the procedures outlined above may be used on(organization's) machines. Users are not permitted to bring software from homeand load it onto (organization's) computers. Generally, organization-ownedsoftware cannot be taken home and loaded on a user's home computer if it alsoresides on (organization's) computer. If a user is to use software at home,(organization) will purchase a separate software package and record it as anorganization-owned asset in the software register. However, some softwarecompanies provide in their license agreements that home use is permitted undercertain circumstances. If a user needs to use software at home, he/she shouldconsult with the software manager or designated department to determine ifappropriate licenses permit home use.


Shareware software is copyrightedsoftware that is distributed via the Internet. It is the policy of(organization) to pay shareware authors the fee that they specify for use oftheir product. Under this policy, acquisition and registration of sharewareproducts will be handled the same as commercial software products.

Quarterly Audits

The software manager or designateddepartment will conduct a quarterly audit of all (organization's) PCs andservers, including portables, to ensure that (organization) is in compliancewith all software licenses. Surprise audits may be conducted as well. Auditswill be conducted using an auditing software product. Also, during the quarterlyaudit, (organization) will search for computer viruses and eliminate any thatare found. The full cooperation of all users is required during audits.

Penalties and Reprimands

According to the U.S. Copyright Act,illegal reproduction of software is subject to civil damages of as much as U.S.$100,000 per title infringed, and criminal penalties, including fines of as muchas U.S. $250,000 per title infringed, and imprisonment of up to five years. An(organization) user who makes, acquires, or uses unauthorized copies of softwarewill be disciplined as appropriate under the circumstances. Such discipline mayinclude termination of employment. (Organization) does not condone the illegalduplication of software and will not tolerate it.

I have read (organization's)anti-piracy statement and agree to bind the (organization) accordingly. Iunderstand that violation of any above policies may result in both civilliability and criminal penalties for the (organization) and/or its employees.





SOURCE: Software &Information Industry Association (SIIA), SPA Anti-Piracy Division.

Reprinted with permission of E-PolicyHandbook: How to Develop Computer, E-mail, and Internet Guidelines to ProtectYour Company and its Assets by Nancy L. Flynn, published by AMACONBooks. All rights reserved.

The information contained here is intended toprovide useful information on the topic covered, but should not beconstrued as legal advice or a legal opinion.