It's nice to see that people are sharing a lot , i would like to welcome Ms.Soniya to citeHR and it was really a nice illustrated reply from Vineeeta on the first reply , it's really impressive . Thanks to her too .
the suggestion of other members is really interesting .
you need to check the various aspects and issues generally people have in hanling the internet : use or misuse . create and Provide clear documentation for each rule and network object will defining it well, so that even fresher member can understand .
few tips I got from IBM site for you:
Make sure the policy development team has been very thorough in defining what employees can and cannot do. The team should consider all internal areas, not just Internet access. For example, if only HR employees can access the payroll system, this should be defined in the Acceptable Use policy. Should all employees have access to production systems?
You also need to check For Internet access, are there any sites employees cannot access? Any technologies they cannot use, such as Napster, streaming media, ICQ, Yahoo Messenger, social media sites,FTP, Telnet, etc.?
Policies also need to be reviewed on a periodic basis to ensure they are still representative of what is in place. Most companies review their security policies on an annual basis and update the information as necessary.
Sorry for the lack of time to give you better response as of now , will surely upload the document later
Hope the suggestions will work for you .
Regards
Arvi