AI Governance Institute

Practical Governance for Enterprise AI

SCT-007 · Low effort

Consumer and External AI Tool Acceptable Use Policy

Establish an acceptable use policy for employee and contractor use of consumer-grade and externally hosted AI tools — including public AI assistants, browser-based AI tools, and AI-enabled SaaS features — that defines permitted uses, data handling restrictions, access controls, and onboarding attestation requirements to manage shadow AI risk.

Objective

Reduce shadow AI risk and data governance violations arising from uncontrolled employee use of consumer AI tools, by establishing clear acceptable use requirements, enforcing them through onboarding attestation and periodic training, and implementing detection controls to identify high-risk usage patterns.

Maturity Levels

Level 1: Initial

Employees use consumer AI tools for work purposes without any formal policy or guidance. There is no visibility into which tools are in use, what data is being entered into them, or whether usage complies with data handling obligations.

Level 2: Developing

The general IT acceptable use policy covers AI tools only at a high level (e.g., do not enter confidential data into public AI tools). No AI-specific guidance is available, and the policy is not enforced through technical controls or systematic training. Contractors are not covered.

Level 3: Defined

An AI tool acceptable use policy defines: approved and prohibited consumer AI tools, permitted use cases for each tool category, data classification restrictions for AI tool inputs (aligned to MGV-005), contractor access restrictions, onboarding attestation requirements, and a reporting process for policy violations. All employees and contractors complete AUP acknowledgment before being granted AI tool access.

Level 4: Managed

AUP compliance is enforced through: periodic training (at least annual), DLP monitoring for high-risk AI tool usage patterns (uploads of regulated data to public AI APIs), and IT controls that block access to prohibited AI tools on managed devices. Contractor AI tool access is governed by contractual clauses and onboarding attestation.

Level 5: Optimizing

AUP is reviewed and updated at least annually to reflect new AI tools entering the market and changes in the organization's approved tool list. Usage monitoring data is used to identify training needs and policy refinements. The AUP is coordinated with the shadow AI detection program (PRC-014) and the generative AI input data classification policy (MGV-005).

Evidence Requirements

What an auditor or assessor would expect to see for this control.

  • AI tool acceptable use policy defining approved tools, permitted uses, data restrictions, contractor requirements, and attestation process.
  • Approved AI tools list with tier classification, data handling assessment, and DPA status for each approved tool.
  • Employee and contractor AUP acknowledgment records, including annual re-acknowledgment.
  • DLP monitoring configuration documentation showing detection rules for high-risk AI tool usage.
  • Annual training completion records for AI AUP training.

Implementation Notes

The consumer AI tool governance challenge

Consumer AI tools — publicly accessible AI assistants, browser-integrated AI, AI-enabled features in SaaS products — represent the largest uncontrolled AI surface in most organizations. The volume of tools and the ease of access mean that traditional IT governance approaches (block and control) are not fully effective on their own. The realistic approach combines:

  1. Clear policy on what is and is not permitted
  2. Approved tools list: sanctioned tools that meet security and data handling standards
  3. Onboarding attestation and annual training
  4. Detection: monitoring for high-risk usage without creating surveillance culture
  5. Escalation: a process for employees to report uncertainty or request guidance

Structuring the approved tools list

An approved tools list categorizes consumer AI tools by their data handling characteristics and defines permitted uses for each:

Tier 1 — Full approval (enterprise license with DPA): AI tools procured at the enterprise level with a data processing agreement, enterprise-specific data isolation, and confirmed compliance with the organization's data retention and AI training opt-out requirements. These tools are approved for use with internal (Category 2) data. Examples: organization's enterprise Copilot deployment, enterprise Claude subscription with API key.

Tier 2 — Limited approval (standard consumer tool, non-sensitive use only): Consumer AI tools without an enterprise DPA but with acceptable data handling for non-sensitive use. Permitted for: public information, learning and research, creative drafting of non-sensitive content, code generation for non-production, non-proprietary purposes. Examples: ChatGPT free tier, Claude.ai consumer account, Gemini consumer account. Data restriction: Category 1 (public) only.

Tier 3 — Prohibited: AI tools with inadequate data handling, unclear jurisdiction, or high risk of data exposure. Examples: unknown or newly launched AI tools without published privacy policies, AI tools with explicit model training on user inputs without opt-out. Not permitted for any work use.

Unapproved tools not on the list: Employees must request assessment before using AI tools not on the approved or prohibited list. Assessment turnaround: 5 business days.

Contractor-specific controls

Contractors present additional risk because:

  • They may use personal devices with consumer AI tools that are not subject to organizational DLP controls
  • They may have access to sensitive data through their engagement without the same employment-based compliance culture as employees
  • Their AI tool use may create IP ownership complications if AI-generated work product is delivered as part of an engagement

Contractor AI tool requirements:

  • Onboarding attestation acknowledging the organization's AI AUP before work commences
  • Contractual clause in services agreements requiring contractors to comply with the organization's AI AUP during the engagement
  • Specific restrictions on entering client data or confidential work product into consumer AI tools without prior written approval
  • For engagements involving high-sensitivity data: explicit prohibition on consumer AI tool use for engagement-related work unless using organization-provided enterprise AI tools

Detection without surveillance

DLP monitoring for AI tool usage can create employee relations and trust issues if not handled carefully. Effective detection focuses on:

  • High-risk signals: Large uploads to consumer AI tool endpoints (suggesting document upload, not just text entry); API calls to AI tool endpoints from devices with access to regulated data systems; access to prohibited AI tool domains on managed networks.
  • Aggregate, not individual: Monitor at the aggregate level for policy violation trends; investigate individuals only when specific high-risk signals are triggered.
  • Transparency: Inform employees that DLP monitoring is in place for AI tool usage on managed networks and devices. Surprise surveillance damages trust; transparent monitoring reinforces that the policy is real.
  • Safe harbor for uncertainty: Encourage employees to ask before using a tool they are unsure about, rather than self-censoring or taking risks. Make the question-asking process easy and non-punitive.
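The high-risk signals and the "aggregate, not individual" principle above, applied to a few constructed proxy log lines, as an added example that is not code from this page or from the AI Governance Institute. It assumes the Tier 1/2/3 model from the approved tools list; the domains, byte threshold, user pseudonyms and log rows are all constructed placeholders, and tools absent from the list are counted only in aggregate rather than triggering an individual investigation.

```python
import csv
import io
from collections import Counter

# Constructed tier map (placeholder domains): a real deployment would load
# the organization's approved tools list instead.
TIERS = {
    "copilot-enterprise.example": 1,   # Tier 1: enterprise license with DPA
    "chat.consumer-ai.example": 2,     # Tier 2: consumer tool, public data only
    "free-llm-upload.example": 3,      # Tier 3: prohibited
}
UPLOAD_BYTES = 1_000_000  # constructed threshold: above this looks like a document upload, not typed text

# Constructed proxy log extract: ts,user_pseudonym,host,method,bytes_out
PROXY_LOG = """ts,user,host,method,bytes_out
2024-05-01T09:00:00Z,u1a2,copilot-enterprise.example,POST,4200000
2024-05-01T09:05:00Z,u3b4,chat.consumer-ai.example,POST,2100
2024-05-01T09:07:00Z,u3b4,chat.consumer-ai.example,POST,3500000
2024-05-01T09:10:00Z,u5c6,free-llm-upload.example,GET,300
2024-05-01T09:12:00Z,u7d8,new-ai-toy.example,POST,900
"""

def classify(row):
    """Return the signal name for one log row, or None if the row is benign."""
    tier = TIERS.get(row["host"])
    if tier == 3:
        return "prohibited_tool_access"          # any access to a Tier 3 tool
    if tier == 2 and int(row["bytes_out"]) > UPLOAD_BYTES:
        return "large_upload_consumer_tool"      # document-sized upload to a Tier 2 tool
    if tier is None:
        return "unassessed_tool"                 # aggregate-only: feeds the assessment queue
    return None                                  # Tier 1, or small Tier 2 traffic

INVESTIGATE = {"prohibited_tool_access", "large_upload_consumer_tool"}

def triage(log_text):
    """Count every signal; surface individual users only for high-risk signals."""
    totals = Counter()
    investigate = []
    for row in csv.DictReader(io.StringIO(log_text)):
        sig = classify(row)
        if sig is None:
            continue
        totals[sig] += 1
        if sig in INVESTIGATE:
            investigate.append((row["user"], row["host"], sig))
    return totals, investigate

if __name__ == "__main__":
    counts, hits = triage(PROXY_LOG)
    print(dict(counts), hits)
```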

Example Implementation

AI Tool Acceptable Use Policy — Quick Reference (Employee Version)

What you can use:

  • Microsoft 365 Copilot (enterprise): Tier 1 — Full. Can enter: internal documents, emails, meeting notes (Category 2). Cannot enter: regulated data (Category 4/5) without prior approval.
  • Claude for Work (enterprise): Tier 1 — Full. Can enter: internal documents, project work (Category 2). Cannot enter: client PII, privileged communications without prior approval.
  • ChatGPT (consumer account): Tier 2 — Limited. Can enter: public information, your own creative work, non-proprietary code. Cannot enter: anything you wouldn't post publicly. No client data, no internal business data.
  • Claude.ai (consumer account): Tier 2 — Limited. Can enter: public information, learning/research, generic drafts. Cannot enter: same restrictions as ChatGPT consumer.
  • Any AI tool not on this list: Not approved. Do not use for work purposes.

The one rule: If you're not sure whether what you're about to enter is OK, use a Tier 1 tool or ask IT. Don't guess.

What we monitor: On managed networks and devices, we have DLP monitoring that detects large document uploads to consumer AI tool endpoints. We disclose this because the monitoring exists to catch accidental policy violations, not to surveil your work.

Contractor requirements: Your engagement agreement includes an AI tool AUP requirement. You are bound by this policy during the engagement. If you need to use AI tools beyond what's listed above, request assessment via [channel].

Annual attestation required: You will receive an annual acknowledgment request. Completion is required to maintain AI tool access.

Questions? [IT/compliance contact] — we want you to use AI tools productively and safely.