fxops-ai/AI-acceptable-use-policy

AI Acceptable Use Policy (AUP) and Governance Framework for US Enterprises

Version 1.0 — March 2026 | License: MIT


Overview

A customizable governance framework for US businesses adopting generative and agentic AI responsibly. Covers four primary domains:

  • Compliance — Data governance, privacy tiers, regulatory alignment (NIST AI RMF, ISO/IEC 42001, CCPA, Defend Trade Secrets Act)
  • HR — Acceptable use handbook provisions, training requirements, digital agent classification
  • Information Security — Audit trails, SIEM integration, agentic guardrails, model unlearning, incident response
  • Legal — Intellectual property protections, confidential information handling, sample vendor contractual language

Designed for US operations with guidance on cross-border adaptation (EU AI Act, GDPR). Includes a Customization Questionnaire (Appendix A) for organizations to adapt the framework to their size, industry, risk profile, and AI maturity.


Who This Is For

Any US-based organization seeking a documented, defensible starting point for AI governance — whether establishing policy for the first time or auditing an existing approach against current standards.


Contents

File | Description
ai-acceptable-use-policy.md | Full policy framework — main document
LICENSE | MIT License

How to Use

  1. Read the full document to understand scope and structure.
  2. Work through Appendix A: Customization Questionnaire with your legal, HR, IT, and governance leads.
  3. Adapt sections to your organization's size, industry, and AI maturity.
  4. Adopt the Appendix B sample contractual language as a starting point for vendor agreements and HR handbook provisions.
  5. Schedule annual review — or sooner if triggered by regulatory changes, incidents, or new model deployments.

Always consult qualified legal counsel before finalizing your organization's policy.


Scope of Original Work

This framework was developed to address four functional areas:

  • Compliance: Data governance structure, privacy tiers, regulatory framework alignment
  • HR: User handbook provisions, training obligations, digital/agentic employee classification
  • IT / Information Security: Audit logging, SIEM, behavioral guardrails, shadow AI controls, model unlearning
  • Legal: IP ownership, confidential information protections, attorney-client privilege considerations, vendor contractual safeguards

Contributors

Human contributors:

  • John Williams
  • Chris Delegge
  • Travis Hall
  • Whitney Parker Mitchell

AI contributors:

  • Grok 4
  • Claude Sonnet (Anthropic)
  • GPT-5 (OpenAI)
  • Google NotebookLM (research synthesis)

License

MIT License. Free to use, adapt, and redistribute with attribution. See LICENSE for details.


Related Resources


Published by fxops.ai — March 2026